450 matches found
Authentication flaw
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide...
PT-2013-5931 · D Link +2 · D-Link Di-604 +8
Name of the Vulnerable Software and Affected Versions: D-Link DIR-100, D-Link DIR-120, D-Link DI-624S, D-Link DI-524UP, D-Link DI-604S, D-Link DI-604UP, D-Link DI-604+, D-Link TM-G5240, Planex BRL-04R, Planex BRL-04UR, Planex BRL-04CW, Alpha Networks routers (affected versions not specified). Description: The...
CVE-2013-1104
The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636...
Microsoft Lync 2010 4.0.7577.0 - User-Agent Header Handling Arbitrary Command Execution
source: https://www.securityfocus.com/bid/57300/info Microsoft Lync is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
PT-2012-1885 · Wikkawiki · Wikkawiki
Name of the Vulnerable Software and Affected Versions: WikkaWiki versions 1.3.1 through 1.3.2. Description: The issue allows remote attackers to write arbitrary PHP code to the spamlog path file via the User-Agent HTTP header in an addcomment request when the spam logging option is enabled. The...
CVE-2012-2633
Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
Cross site scripting
Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
WordPress WassUp Plugin <= 1.8.3.0 - XSS
Because of this vulnerability in wassup.php, attackers can inject arbitrary web script or HTML via the User-Agent HTTP header. Solution: Update the plugin...
CVE-2011-3294
Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco TelePresence Video Communication Servers (VCS) with software before X7.0 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, aka Bug ID CSCts80342...
CVE-2011-1357
Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 before 6.3.0.5, 7.0 before 7.0.0.5, and 7.5 before 7.5.0.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
Nmap NSE net: http-userdir-enum
Attempts to enumerate valid usernames on web servers running with the mod_userdir module or similar enabled. The Apache mod_userdir module allows user-specific directories to be accessed using the http://example.com/~user/ syntax. This script makes HTTP requests in order to discover valid user-...
Nmap NSE net: http-brute
Performs brute force password auditing against HTTP basic authentication. SYNTAX: brute.firstonly: stop guessing after first password is found (default: false). brute.unique: make sure that each password is only guessed once (default: true). http-brute.hostname: sets the host header in case of virtual...
Nmap NSE net: http-auth
Retrieves the authentication scheme and realm of a web service that requires authentication. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll be pipelined (i.e., sent in a single request). This can be set low to make debugging easier, or it can be set high to test how ...
Nmap NSE net: http-methods
Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods. Optionally tests each method individually to see if they are subject to e.g. IP address restrictions. In this script, 'potentially risky' methods are anything except GET, HEAD,...
Nmap NSE net: couchdb-stats
Gets database statistics from a CouchDB database. For more info about the CouchDB HTTP API and the statistics, see http://wiki.apache.org/couchdb/RuntimeStatistics and http://wiki.apache.org/couchdb/HTTPdatabaseAPI. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll ...
Nmap NSE net: http-malware-host
Looks for signature of known server compromises. Currently, the only signature it looks for is the one discussed here: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/. This is done by requesting the page '/ts/in.cgi?open2' and looking for an errant 302 it...
Nmap NSE net: whois
Queries the WHOIS services of Regional Internet Registries (RIR) and attempts to retrieve information about the IP Address Assignment which contains the Target IP Address. In using this script your IP address will be sent to iana.org. Additionally your address and the address of the target of the...
Nmap NSE net: http-vhosts
Searches for web virtual hostnames by making a large number of HEAD requests against http servers using common hostnames. Each HEAD request provides a different 'Host' header. The hostnames come from a built-in default list. Shows the names that return a document. Also shows the location of...
Nmap NSE net: http-php-version
Attempts to retrieve the PHP version from a web server. PHP has a number of magic queries that return images or text that can vary with the PHP version. This script uses the following queries: '/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42': gets a GIF logo, which changes on April Fool's Day...