Spiceworks 6.0.00993 Cross Site Scripting

Exploit for php platform in category web applications 0day.today 2018-01-10...

Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities

Summary The Spiceworks IT Desktop delivers nearly everything you need to simplify your IT job. Available in a variety of languages, Spiceworks' single, easy-to-use interface combines Network Inventory, Help Desk, Mapping, Reporting, Monitoring and Troubleshooting. And, it connects you with other ...

Spiceworks Client Version Detection

Binary data 6567.prm...

SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting (Authenticated) SQL Injection

SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting Authenticated SQL Injection Product: SpiceWorks Version: 5.3.75941 Vendor Site: http://www.spiceworks.com/community/ Software Download Link:...

SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / (Authenticated) SQL Injection

Product: SpiceWorks Version: 5.3.75941 Vendor Site: http://www.spiceworks.com/community/ Software Download Link: http://www.spiceworks.com/download/?utmsource=comm-secondary-link&utmmedium=website&utmcampaign=homepage Installer Filename: Spiceworks.exe MD5: 023bd361c0f9402dc07adbc5a72fe31d Contac...

Spiceworks HTTP Response Accept Header Handling Overflow DoS

The remote host is running Spiceworks IT Desktop, an application used to inventory, monitor, manage and report on software and hardware assets in small and medium-sized businesses. The installed version of Spiceworks is earlier than 4.0. Such versions are reportedly affected by a buffer overflow...

Spiceworks 3.6.31847 XSS / XSRF

nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-009 - Spiceworks Multiple Vulnerabilities XSS & CSRF Application: Spiceworks 3.6.31847 Vendor: Spiceworks Vendor website: http://www.spiceworks.com Author: Adam Baldwin [email protected] Class: XSS, CSRF I...

[NGENUITY] - Spiceworks Multiple Vulnerabilities (XSS & CSRF)

nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-009 - Spiceworks Multiple Vulnerabilities XSS & CSRF Application: Spiceworks 3.6.31847 Vendor: Spiceworks Vendor website: http://www.spiceworks.com Author: Adam Baldwin [email protected] Class: XSS, CSRF I...

Spiceworks 3.6 Overflow

!/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII "AAAAAAAAAAAAAAAAAA" edi 000334E0 ASCII...

SpiceWorks - query Cross-Site Scripting

SpiceWorks - query Cross-Site Scripting source: https://www.securityfocus.com/bid/43248/info Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

SpiceWorks - 'query' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43248/info Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Spiceworks 3.6 Accept Parameter Overflow Crash Exploit

Exploit for unknown platform in category dos / poc ====================================================== Spiceworks 3.6 Accept Parameter Overflow Crash Exploit ====================================================== !/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C...

SpiceWorks 3.6 - Accept Overflow Crash

SpiceWorks 3.6 - Accept Overflow Crash !/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII...

Spiceworks 3.6 Accept Parameter Overflow Crash Exploit

No description provided by source. !/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII...

SpiceWorks 3.6 - 'Accept' Overflow Crash

!/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII "AAAAAAAAAAAAAAAAAA" edi 000334E0 ASCII...