29 matches found
Enhancesoft osTicket 跨站脚本漏洞
osTicket is a widely used and trusted open source work order support ticket system. A cross-site scripting vulnerability exists in osTicket versions prior to 1.12.6. An attacker can exploit this vulnerability via the queue-name parameter in include/class.queue.php...
Cross-site-scripting (XSS)
sidekiq is vulnerable to cross-site-scripting. An attacker is able to inject and execute malicious code via the queue name of the live-poll feature when Internet Explorer is used...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the queue name of the live-poll feature when Internet Explorer is used. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an otherwise...
PT-2021-18635
Name of the Vulnerable Software and Affected Versions Sidekiq versions 5.1.3 and earlier Sidekiq versions 6.x through 6.2.0 Description The issue allows for XSS via the queue name of the live-poll feature, specifically when Internet Explorer is used. Recommendations For Sidekiq versions 5.1.3 and...
Mike Perham sidekiq 跨站脚本漏洞
Mike Perham sidekiq is a Mike Perham open source application. Use threads to process many jobs simultaneously in the same process A cross-site scripting vulnerability exists in Mike Perham Sidekiq version 5.1.3 and earlier and 6.x series version 6.2.0 and earlier, which can be exploited by an...
CVE-2019-16950
An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript...
RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC)
!/usr/bin/python RPM Select/Elite v5.0 .xml config parsing unicode buffer overflow PoC Found by: mrme - http://net-ninja.net/ Homepage: http://lpd.brooksnet.com/ Download: http://www.brooksnet.com/download-rpmselect Tested on: Windows XP SP3 Advisory:...
Microsoft Windows Message Queuing Service Queue Name Handling (MS08-065) - ver 2 (CVE-2008-3479)
Microsoft Message Queuing MSMQ is a component of Microsoft Windows designed to act as a message portal between a set of applications requiring message exchange functionality. MSMQ enables applications that are running at different times to communicate across heterogeneous networks and across...
Moderate: Red Hat Security Advisory: cups security update
Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operating system...