Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Accoria Web Server aka Rock Web Server 1.4.7 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the getenv sample program, 2 the desc parameter to loadstatic.cgi, 3 the name parameter to httpdcfg.cgi, or 4 t...

DEBIAN-CVE-2010-1594

Multiple cross-site scripting XSS vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via 1 the query string, 2 the BASE parameter, or 3 the ega1 parameter. NOTE: some of these details are obtained from third party...

Open redirect

Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management WCM, and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0...

XOOPS misc.php Query String XSS

The version of XOOPS running on the remote web server has a cross- site scripting vulnerability. 'misc.php' does not sanitize the requested URI before displaying it in the response. Manipulating the query string can result in a cross-site scripting attack. A remote attacker could exploit this by...

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix several security issues are now available for Red Hat Developer Suite 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...

Cross site scripting

Cross-site scripting XSS vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

CVE-2009-3745

Cross-site scripting XSS vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

CVE-2009-3745

Cross-site scripting XSS vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

Adobe Flex SDK Cross-Site Scripting Vulnerability (Windows)

This host is installed with Adobe Flex SDK and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodadobeflexsdkxssvulnwin.nasl 7573 2017-10-26 09:18:50Z cfischer $ Adobe Flex SDK Cross-Site Scripting Vulnerability Windows Authors: Sharath S Copyright: Copyright c...

Ubuntu 8.04 LTS / 8.10 / 9.04 : mono vulnerabilities (USN-826-1)

It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...

CVE-2009-1879

Cross-site scripting XSS vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query...

CVE-2009-2321

cgi-bin/sysconf.cgi on the Axesstel MV 410R allows remote attackers to cause a denial of service configuration reset via a RESTORE=RESTORE query string...

Sun Java System Web Proxy Server Vulnerabilities (Windows)

This host has Sun Java Web Server running on Linux, which is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservxssvulnlin.nasl 5158 2017-02-01 14:53:04Z mime $ Sun Java System Web Server XSS Vulnerability Linux Authors: Sharath S Copyright: Copyright ...

The most hidden of the asp Backdoor-vulnerability warning-the black bar safety net

| Today that is in the administrator backend login screen hidden our back door, which is relatively safe, because the administrator of the inlet is not Often change, as long as his login screen on our back door just in! 1. From our SHELL found on the administrator portal page 2. Edit it in the...

SquirrelMail: Multiple cross site scripting issues

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

CVE-2009-1578

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

CVE-2009-1578

CVE-2009-1578 affects SquirrelMail < 1.4.18 and NaSMail

CVE-2009-1553

Multiple cross-site scripting XSS vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 applications/applications.jsf, 2 configuration/configuration.jsf, 3 customMBeans/customMBeans.jsf, ...

CVE-2009-1553

Multiple cross-site scripting XSS vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 applications/applications.jsf, 2 configuration/configuration.jsf, 3 customMBeans/customMBeans.jsf, ...