CVE-2008-6510

Cross-site scripting XSS vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter...

Ignite Realtime OpenFire Multiple Vulnerabilities

This host is running OpenFire and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbopenfiremultvuln.nasl 5676 2017-03-22 16:29:37Z cfi $ Ignite Realtime OpenFire Multiple Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Openfire < 3.6.3 Multiple Vulnerabilities

Binary data 4925.prm...

OpenFire Detection (HTTP)

HTTP based detection of OpenFire. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.800353";...

OpenFire < 3.6.3 Multiple Vulnerabilities

OpenFire is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:igniterealtime:openfire";...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 log parameter to a logviewer.jsp and b log.jsp; 2 search parameter to c group-summary.jsp; 3 username parameter to d user-properties.jsp; 4...

Directory traversal

Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the log parameter...

CVE-2009-0497

Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the log parameter...

CVE-2009-0496

Multiple cross-site scripting XSS vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 log parameter to a logviewer.jsp and b log.jsp; 2 search parameter to c group-summary.jsp; 3 username parameter to d user-properties.jsp; 4...

CVE-2009-0496

Multiple cross-site scripting XSS vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 log parameter to a logviewer.jsp and b log.jsp; 2 search parameter to c group-summary.jsp; 3 username parameter to d user-properties.jsp; 4...

CVE-2009-0497

Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the log parameter...

CVE-2009-0497

CVE-2009-0497 is an Openfire vulnerability (Openfire 3.6.2 and affected builds) where the log.jsp component fails to validate the log parameter, allowing a remote attacker to perform a directory traversal (via ..) and read arbitrary files on the server. The issue is caused by improper input valid...

CVE-2009-0496

Openfire (Ignite Realtime) versions prior to 3.6.3 are affected by multiple input-validation vulnerabilities (CVE-2009-0496 among others) in several .jsp pages, which could allow remote attackers to inject XSS and potentially upload a malicious plugin to achieve arbitrary code execution. The Gent...

Openfire < 3.6.3 Multiple Vulnerabilities

The remote host is running Openfire / Wildfire, an instant messaging server supporting the XMPP protocol. According to its version, the installation of Openfire or Wildfire is affected by multiple vulnerabilities : - Multiple .jsp scripts namely, 'logviewer.jsp' BID 32935, 'group-summary.jsp' BID...

FreeBSD Ports: openfire

The remote host is missing an update to the system as announced in the referenced advisory. VID c3aba586-ea77-11dd-9d1e-000bcdc1757a OpenVAS Vulnerability Test $ Description: Auto generated from VID c3aba586-ea77-11dd-9d1e-000bcdc1757a Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

FreeBSD : openfire -- multiple vulnerabilities (c3aba586-ea77-11dd-9d1e-000bcdc1757a)

Core Security Technologies reports : Multiple cross-site scripting vulnerabilities have been found which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

FreeBSD Ports: openfire

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Openfire多个跨站脚本和目录遍历漏洞

BUGTRAQ ID: 32935,32937,32938,32939,32940,32943,32944,32945 Openfire（原名为Wildfire）是一个采用Java开发的跨平台开源实时协作（RTC）服务器。...

CORE-2008-1128: Openfire multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Openfire multiple vulnerabilities 1. Advisory Information Title: Openfire multiple vulnerabilities Advisory ID: CORE-2008-1128 Advisory URL:...

Openfire multiple vulnerabilities

Openfire multiple vulnerabilities 1. Advisory Information Title: Openfire multiple vulnerabilities Advisory ID: CORE-2008-1128 Advisory URL: Date published: 2009-01-08 Date of last update: 2009-01-07 Vendors contacted: Jive Software Release mode: Coordinated release 2. Vulnerability Information...