Lucene search
K

187 matches found

Packet Storm
Packet Storm
added 2016/02/25 12:0 a.m.26 views

Open Web Analytics 1.5.7 Cross Site Scripting

Exploit Title: Open Web Analytics v1.5.7 Cross-Site Scripting Author: 1N3 @CrowdShield https://crowdshield.com Vendor: http://www.openwebanalytics.com/ Date: 02/24/2016 Description: Open Web Analytics suffers from a Cross-Site Scripting vulnerability in the owasiteid parameter because it fails to...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2016/01/07 12:0 a.m.25 views

Web Analytics Service跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/12/30 12:0 a.m.3 views

Web Analytics Service Cross-Site Scripting Vulnerability

Web Analytics Service is a web analytics server. A cross-site scripting vulnerability exists in the JavaScript module of Web Analytics Service. This allows remote attackers to inject arbitrary web script or HTML code via unspecified vectors...

6.1CVSS6.2AI score0.0102EPSS
Exploits0References1
NVD
NVD
added 2015/12/29 5:59 p.m.14 views

CVE-2015-7786

Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6AI score0.0102EPSS
Exploits0References4
Prion
Prion
added 2015/12/29 5:59 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.0102EPSS
Exploits0References4
CVE
CVE
added 2015/12/29 5:0 p.m.52 views

CVE-2015-7786

CVE-2015-7786: Cross-site scripting in the NTT DATA Smart Sourcing JavaScript module used by Web Analytics Service (distributed 2003-11-26 to 2013-07-09). The vulnerability allows an attacker to inject arbitrary script/HTML via unspecified vectors. Affected component is the Web Analytics Service ...

6.1CVSS6AI score0.0102EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/12/29 5:0 p.m.21 views

CVE-2015-7786

Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6AI score0.0102EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/08 5:29 a.m.2 views

Web Analytics Service vulnerable to cross-site scripting

Overview The JavaScript module for using Web Analytics Service which was provided by NTT DATA Smart Sourcing Corporation contains a cross-site scripting vulnerability CWE-79 due to a flaw in escaping process. According to the developer, this script was distributed from 26 November, 2003 to 9 July...

6.1CVSS6AI score0.0102EPSS
Exploits0References5
FireEye
FireEye
added 2015/11/16 1:0 p.m.26 views

Pinpointing Targets: Exploiting Web Analytics to Ensnare Victims

Over the past year, FireEye Threat Intelligence has identified suspected nation-state sponsored cyber-actors engaged in a large-scale reconnaissance effort. This effort makes use of web analytics—the technologies to collect, analyze, and report data The individuals behind this activity have amass...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2015/09/24 8:26 p.m.13 views

Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2015/07/27 12:0 a.m.46 views

Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: ================================ www.openwebanalytics.com Product: ================================ Open-Web-Analytics-1.5.7 Advisory...

6.5AI score
Exploits0
0day.today
0day.today
added 2015/07/23 12:0 a.m.30 views

Open Web Analytics 1.5.7 Multiple Vulnerabilities

Open Web Analytics version 1.5.7 suffers from password disclosure, weak cryptographic control, and cross site scripting vulnerabilities. + Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor:...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/22 12:0 a.m.41 views

Open Web Analytics 1.5.7 XSS / Password Disclosure / Crypto Weakness

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: ================================ www.openwebanalytics.com Product: ================================ Open-Web-Analytics-1.5.7 Advisory...

0.1AI score
Exploits0
Drupal
Drupal
added 2014/12/10 12:0 a.m.20 views

SA-CONTRIB-2014-120 - Piwik Web Analytics - Information disclosure

This module enables you to integrate Drupal with Piwik Web Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an accou...

6.9AI score
Exploits0References11
0day.today
0day.today
added 2014/11/30 12:0 a.m.44 views

Open Web Analytics 1.5.6 PHP Object Injection Vulnerability

Exploit for php platform in category web applications Open Web Analytics setSetting'base', 'isremoteeventqueue', true; $owa-e-debug$POST; $rawevent = owacoreAPI::getRequestParam'event'; if $rawevent $dispatch = owacoreAPI::getEventDispatch; $event = unserialize base64decode $rawevent ;...

9.2AI score0.02808EPSS
Exploits2
Packet Storm
Packet Storm
added 2014/07/16 12:0 a.m.43 views

Open Web Analytics 1.5.7 Cross Site Scripting / Remote File Inclusion

Exploit Title : Open Web Analytics - v: 1.5.7 multiple vulnerability Author : Govind Singh aka NullPort Vendor : http://www.openwebanalytics.com/ Download Link : http://downloads.openwebanalytics.com/ Google Dork : "powered by Open Web Analytics" Date : 14/07/2014 Discovered at : IHT Lab 1ND14N...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Open Web Analytics 1.2.3 multi file include

No description provided by source. =========================================================================== Topic : Open Web Analytics 1.2.3 Bug type : multi file include Download : http://downloads.openwebanalytics.com/owa/owa123.tar Advisory :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Piwik Open Flash Chart Remote Code Execution Vulnerability

No description provided by source. Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piw...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Open Web Analytics 1.5.4 - (owa_email_address param) - SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/27 12:0 a.m.12 views

Open Web Analytics Detection

Binary data openwebanalyticsdetect.nbin...

7.3AI score
Exploits0References1
Rows per page
Query Builder