187 matches found
Open Web Analytics 1.5.7 Cross Site Scripting
Exploit Title: Open Web Analytics v1.5.7 Cross-Site Scripting Author: 1N3 @CrowdShield https://crowdshield.com Vendor: http://www.openwebanalytics.com/ Date: 02/24/2016 Description: Open Web Analytics suffers from a Cross-Site Scripting vulnerability in the owasiteid parameter because it fails to...
Web Analytics Service跨站脚本漏洞
No description provided by source...
Web Analytics Service Cross-Site Scripting Vulnerability
Web Analytics Service is a web analytics server. A cross-site scripting vulnerability exists in the JavaScript module of Web Analytics Service. This allows remote attackers to inject arbitrary web script or HTML code via unspecified vectors...
CVE-2015-7786
Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-7786
CVE-2015-7786: Cross-site scripting in the NTT DATA Smart Sourcing JavaScript module used by Web Analytics Service (distributed 2003-11-26 to 2013-07-09). The vulnerability allows an attacker to inject arbitrary script/HTML via unspecified vectors. Affected component is the Web Analytics Service ...
CVE-2015-7786
Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Web Analytics Service vulnerable to cross-site scripting
Overview The JavaScript module for using Web Analytics Service which was provided by NTT DATA Smart Sourcing Corporation contains a cross-site scripting vulnerability CWE-79 due to a flaw in escaping process. According to the developer, this script was distributed from 26 November, 2003 to 9 July...
Pinpointing Targets: Exploiting Web Analytics to Ensnare Victims
Over the past year, FireEye Threat Intelligence has identified suspected nation-state sponsored cyber-actors engaged in a large-scale reconnaissance effort. This effort makes use of web analytics—the technologies to collect, analyze, and report data The individuals behind this activity have amass...
Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops
Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends...
Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: ================================ www.openwebanalytics.com Product: ================================ Open-Web-Analytics-1.5.7 Advisory...
Open Web Analytics 1.5.7 Multiple Vulnerabilities
Open Web Analytics version 1.5.7 suffers from password disclosure, weak cryptographic control, and cross site scripting vulnerabilities. + Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor:...
Open Web Analytics 1.5.7 XSS / Password Disclosure / Crypto Weakness
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: ================================ www.openwebanalytics.com Product: ================================ Open-Web-Analytics-1.5.7 Advisory...
SA-CONTRIB-2014-120 - Piwik Web Analytics - Information disclosure
This module enables you to integrate Drupal with Piwik Web Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an accou...
Open Web Analytics 1.5.6 PHP Object Injection Vulnerability
Exploit for php platform in category web applications Open Web Analytics setSetting'base', 'isremoteeventqueue', true; $owa-e-debug$POST; $rawevent = owacoreAPI::getRequestParam'event'; if $rawevent $dispatch = owacoreAPI::getEventDispatch; $event = unserialize base64decode $rawevent ;...
Open Web Analytics 1.5.7 Cross Site Scripting / Remote File Inclusion
Exploit Title : Open Web Analytics - v: 1.5.7 multiple vulnerability Author : Govind Singh aka NullPort Vendor : http://www.openwebanalytics.com/ Download Link : http://downloads.openwebanalytics.com/ Google Dork : "powered by Open Web Analytics" Date : 14/07/2014 Discovered at : IHT Lab 1ND14N...
Open Web Analytics 1.2.3 multi file include
No description provided by source. =========================================================================== Topic : Open Web Analytics 1.2.3 Bug type : multi file include Download : http://downloads.openwebanalytics.com/owa/owa123.tar Advisory :...
Piwik Open Flash Chart Remote Code Execution Vulnerability
No description provided by source. Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piw...
Open Web Analytics 1.5.4 - (owa_email_address param) - SQL Injection Vulnerability
No description provided by source...
Open Web Analytics Detection
Binary data openwebanalyticsdetect.nbin...