Lucene search
K

74 matches found

CVE
CVE
added 2006/04/20 10:0 a.m.50 views

CVE-2006-1897

CVE-2006-1897 affects Webplus (aka talentsoft) Web+Shop 5.3.6. The vulnerability arises when the Redirect URL for the “Script Not Found” error is not configured, allowing remote attackers to cause information disclosure via the storeid parameter in store.wml within webplus.exe, revealing the path...

5CVSS6.5AI score0.01683EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/04/20 10:0 a.m.18 views

CVE-2006-1897

Webplus aka talentsoft Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote ' or possibly other invalid value in the storeid parameter in store.wml in webplus.exe, which reveals the path in a "Script...

6.5AI score0.01683EPSS
Exploits1References6
Prion
Prion
added 2006/04/11 12:2 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...

4.3CVSS6.3AI score0.01696EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2006/04/11 12:2 a.m.17 views

CVE-2006-1682

Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...

4.3CVSS5.8AI score0.01696EPSS
Exploits1References5
CVE
CVE
added 2006/04/10 11:0 p.m.48 views

CVE-2006-1682

CVE-2006-1682 describes a cross-site scripting (XSS) vulnerability in webplus.exe within TalentSoft Web+Shop 5.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, potentially involving the webpshop/ department.wml script. The descrip...

4.3CVSS5.8AI score0.01696EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/04/10 11:0 p.m.20 views

CVE-2006-1682

Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...

5.8AI score0.01696EPSS
Exploits1References5
exploitpack
exploitpack
added 2006/04/07 12:0 a.m.11 views

TalentSoft Web+ Shop 5.0 - Deptname Cross-Site Scripting

TalentSoft Web+ Shop 5.0 - Deptname Cross-Site Scripting source: https://www.securityfocus.com/bid/17418/info Web+ Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/07 12:0 a.m.25 views

TalentSoft Web+ Shop 5.0 - 'Deptname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17418/info Web+ Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.27 views

TalentSoft Web+ Version Report

This plug-in detects the version of Web+ CGI. The Web+ CGI has a known vulnerability that enables a remote attacker to gain access to local files. This test in itself does not verify the vulnerability but rather tries to discover the version of Web+ which is installed. SPDX-FileCopyrightText: 200...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/02/24 12:0 a.m.38 views

TalentSoft Web+ webplus.exe Path Disclosure

The remote host appears to be running Web+ Application Server. The version of Web+ installed on the remote host reveals the physical path of the application when it receives a script file error. %NASLMINLEVEL 70300 This script was written by David Kyger See the Nessus Scripts License for details...

5.5AI score
Exploits0References1
NVD
NVD
added 2002/08/12 4:0 a.m.12 views

CVE-2002-0753

Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie...

10CVSS7.9AI score0.05855EPSS
Exploits0References3
CERT
CERT
added 2002/08/05 12:0 a.m.31 views

Talentsoft Web+ contains buffer overflow in "webpsvc.exe"

Overview Talentsoft's Web+ development platform contains a buffer overflow in a component that also installs by default into all web sites produced by Web+. Description Talentsoft Web+ is a set of tools for accelerated web site development. A component of Web+ named "webpsvc.exe" contains a buffe...

10CVSS7.4AI score0.08961EPSS
Exploits0References2
NVD
NVD
added 2002/07/26 4:0 a.m.11 views

CVE-2002-0449

Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc.exe...

10CVSS7.9AI score0.08961EPSS
Exploits0References5
NVD
NVD
added 2002/07/26 4:0 a.m.12 views

CVE-2002-0450

Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language wml file name to 1 webplus.dll or 2 webplus.exe...

10CVSS7.9AI score0.05332EPSS
Exploits0References4
Cvelist
Cvelist
added 2002/07/26 4:0 a.m.20 views

CVE-2002-0753

Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie...

7.9AI score0.05855EPSS
Exploits0References3
CVE
CVE
added 2002/07/26 4:0 a.m.41 views

CVE-2002-0753

CVE-2002-0753 : Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. The connected documents confirm the vulnerability description but do not provide additional technical details, affected versions beyond 5.0, exploit spe...

10CVSS8.3AI score0.05855EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2002/06/11 4:0 a.m.47 views

CVE-2002-0450

CVE-2002-0450 affects Talentsoft Web+ 5.0 and earlier. A buffer overflow is triggered by a long Web Markup Language (wml) file name passed to webplus.dll or webplus.exe, enabling remote code execution. The connected sources (NVD/CVE forms) confirm the affected product and method (buffer overflow ...

10CVSS8.3AI score0.05332EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.18 views

CVE-2002-0450

Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language wml file name to 1 webplus.dll or 2 webplus.exe...

7.9AI score0.05332EPSS
Exploits0References4
CVE
CVE
added 2002/06/11 4:0 a.m.47 views

CVE-2002-0449

CVE-2002-0449 affects Talentsoft Web+ up to version 5.0, where a buffer overflow in the Web+ component webpsvc.exe (triggered via a crafted URI in webplus.exe ) allows remote code execution. The vulnerability can execute code with the privileges of the user running webpsvc.exe (often SYSTEM). CER...

10CVSS7.9AI score0.08961EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2002/04/18 12:0 a.m.50 views

Buffer overflow in Talentsoft Web+

Buffer overflows in CGI supplied applications, cookie processing...

3.4AI score
Exploits0References3
Rows per page
Query Builder