op5 Monitoring 5.4.2 - VM Applicance Multiple Vulnerabilities

op5 Monitoring 5.4.2 - VM Applicance Multiple Vulnerabilities Author: loneferret of Offensive Security Product: op5 Monitoring VM appliance Version: 5.4.2 Vendor Site: http://www.op5.com/ Software Download: http://www.op5.com/get-op5-monitor/get-started/ Software Description: op5 is a market...

ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting

Author: loneferret of Offensive Security Product: ManageEngine OpUtils Version: 6 Vendor Site: http://www.manageengine.com Software Download: http://www.manageengine.com/products/oputils/download.html Software Description: http://www.manageengine.com/products/oputils/oputils.html The toolset can ...

AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting Cross-Site Request Forgery Remote Code Execution

AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting Cross-Site Request Forgery Remote Code Execution Exploit Title: Atmail Email Server Appliance 6.4 Remote Code Execution Date: Jul 21 2012 Author: muts Version: Atmail Email Server 6.4 By sending an email to a user with the Atmail...

Atmail Email Server Appliance 6.4 Stored XSS - CSRF - RCE

Exploit for linux platform in category remote exploits Exploit Title: Atmail Email Server Appliance 6.4 Remote Code Execution Date: Jul 21 2012 Author: muts Version: Atmail Email Server 6.4 By sending an email to a user with the Atmail administrative interface open, we can call a remote JavaScrip...

Ubuntu Update for mozvoikko USN-1277-2

Ubuntu Update for Linux kernel vulnerabilities USN-1277-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN12772.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for mozvoikko USN-1277-2 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Th...

security flaw

The jswatchset function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service assertion failure and application exit or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE:...

Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure

source: https://www.securityfocus.com/bid/22611/info Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables. An attacker can exploit these issue to obtain sensitive information that may aid in other...

Web Server JavaScript File (.js) Copyright Information

Binary data 1762.prm...

Microsoft Internet Explorer 5 - JavaScript Local File Enumeration (2)

source: https://www.securityfocus.com/bid/3779/info Microsoft Internet Explorer is prone to a vulnerability which may disclose sensitive information to a malicious webmaster. When script code includes a file outside of the document it is embedded in and the file does not exist, the onError event...

Доступ к локальным файлам через javasctipt в IE (file access)

Из javascript можно получить доступ к файлам, которые удовлетворяют формату объявления переменных javascript, например списку паролей в определенном формате...