eYou /php/ip_status.php 命令执行漏洞

No description provided by source...

Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability (2821818)

This host is missing an important security update according to Microsoft Bulletin MS13-035. OpenVAS Vulnerability Test $Id: secpodofficeinfopathms13-035.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability 2821818 Authors: Antu Sanadi Copyright:...

Script Execution flaw in Google drive poses security threat

Once again Google Security Team Shoot itself in the foot. Ansuman Samantaray, an Indian penetration tester discovered a small, but creative Security flaw in Google drive that poses phishing threat to million of Google users was ignored by Google Security team by replying that,"It is just a mare...

HP Intelligent Management Center - 'topoContent.jsf' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58293/info HP Intelligent Management Center is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

dopvSTAR* vulnerable to cross-site scripting

Overview dopvSTAR provided by bayashi.net is a software to analyze web access logs. dopvSTAR contains a cross-site scripting vulnerability. Masahiro YAMADA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

dopvCOMET* vulnerable to cross-site scripting

Overview dopvCOMET provided by bayashi.net is a software to analyze web access logs. dopvCOMET contains a cross-site scripting vulnerability. Masahiro YAMADA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

imgboard vulnerable to cross-site scripting

Overview imgboard contains a cross-site scripting vulnerability. imgboard provided by imgboard.com CGI Download Center formerly 1998 t-club CGI Download Center is a bulletin board software that supports posting picture files. imgboard contains a cross-site scripting vulnerability. Yuji Tounai of...

Sonar - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/57982/info Sonar is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon contains a cross-site scripting vulnerability. Cybozu Garoon provided by Cybozu is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

Ubuntu Update for linux USN-1696-2

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN16962.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-1696-2 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

USN-1700-2 : linux-ti-omap4 regression

USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Linux kernel's handling of script...

USN-1704-2: Linux kernel (Quantal HWE) regression

USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Brad Spengler discovered a flaw in the Linux kernel's uname system...

USN-1699-2: Linux kernel regression

USN-1699-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jon Howell reported a flaw in the Linux kernel's KVM Kernel-based...

[SECURITY] [DSA 2610-1] ganglia security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2610-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez January 21, 2013 http://www.debian.org/security/faq -...

Ubuntu Update for linux-lts-quantal USN-1704-1

Check for the Version of linux-lts-quantal OpenVAS Vulnerability Test $Id: gbubuntuUSN17041.nasl 8466 2018-01-19 06:58:30Z teissa $ Ubuntu Update for linux-lts-quantal USN-1704-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This...

myu-s / PHP WeblogSystem by netmania vulnerable to cross-site scripting

Overview myu-s and PHP WeblogSystem by netmania contain a cross-site scripting vulnerability. myu-s and PHP WeblogSystem by netmania provided by FLUGELz contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software...

Debian DSA-2610-1 : ganglia - arbitrary script execution

Insufficient input sanitization in Ganglia, a web-based monitoring system, could lead to remote PHP script execution with permissions of the user running the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Debian Security Advisory DSA 2610-1 (ganglia - arbitrary script execution)

Insufficient input sanitization in Ganglia, a web based monitoring system, could lead to remote PHP script execution with permissions of the user running the web server. OpenVAS Vulnerability Test $Id: deb2610.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2610-1 using...

[USN-1696-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1696-1 January 18, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu: Security Advisory (USN-1699-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...