Lucene search
+L

832 matches found

CVE
CVE
added 2007/09/24 10:0 p.m.50 views

CVE-2007-5058

The CVE-2007-5058 issue affects the Barracuda Spam Firewall web administration interface. Affected component: login handling in the Web UI where the username field can inject arbitrary script/HTML when the Monitor Web Syslog screen is open. Root cause: improper handling of input in the login cont...

4.3CVSS5.8AI score0.01569EPSS
Exploits0References10Affected Software1
securityvulns
securityvulns
added 2007/09/24 12:0 a.m.62 views

[ISR] - Barracuda Spam Firewall. Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 || ISR || || Infobyte Security Research || www.infobyte.com.ar || 09.21.2007 || .:: SUMMARY Barracuda Spam Firewall Cross-Site Scripting Version: Barracuda Spam Firewall firmware v3.4.10.102 It is suspected that all previous versions of Barracuda Sp...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/02/28 12:0 a.m.52 views

Nullsoft Shoutcast Server crossite scripting

Crossite scripting with web administration log...

4.3CVSS1.3AI score0.01774EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2007/02/12 12:0 a.m.39 views

IP3 NetAccess directory traversal

Directory traversal in Web administration interface...

5CVSS4AI score0.04215EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2007/01/02 12:0 a.m.36 views

ashopcom-xss.txt

Ashop Commerce provides a turn-key ecommerce solution with it's revolutionary online store building software. One of the worlds most easy to use web based administrations with award winning features allows the merchant to set up an online store capable of competing with the webs most powerful...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/12/05 12:0 a.m.148 views

[ISecAuditors Advisories] BlueSocket web administration is vulnerable to XSS

============================================= INTERNET SECURITY AUDITORS ALERT 2006-007 - Original release date: April 27, 2006 - Last revised: December 1, 2006 - Discovered by: Jesus Olmos Gonzalez - Severity: 2/5 ============================================= I. VULNERABILITY...

0.9AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/10/02 12:0 a.m.15 views

JVN#93484133 TeraStation HD-HTGL series cross-site request forgery vulnerability

Impact If a TeraStation HD-HTGL administrator who logged into the web administration interface views a malicous website, an attacker could possibly modify configurations or delete data on the hard disk. Solution Products Affected HD-HTGL Series firmware Ver. 2.05-beta-1 and earlier...

7.3AI score
Exploits0
NVD
NVD
added 2006/07/13 1:5 a.m.18 views

CVE-2006-3567

Cross-site scripting XSS vulnerability in the web administration interface logging feature in Juniper Networks Redline DX 5.1.x, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the username login field...

4.3CVSS5.8AI score0.01348EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/07/13 1:0 a.m.27 views

CVE-2006-3567

Cross-site scripting XSS vulnerability in the web administration interface logging feature in Juniper Networks Redline DX 5.1.x, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the username login field...

5.8AI score0.01348EPSS
Exploits0References8
securityvulns
securityvulns
added 2006/07/13 12:0 a.m.26 views

[SA20990] Juniper Networks DX System Log Script Insertion

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Reversing must be a passion as your skills will be challenged on a daily basis and you will be working several hours everyday in IDA, Ollydbg, and with BinDiff. Often, it is also requir...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2006/07/11 12:0 a.m.42 views

Juniper DX crossite scripting

Web administration system log crossite scripting thorugh username...

1.6AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/06/11 12:0 a.m.43 views

MailEnable Enterprise Edition ASP Version <= 2.0

Hi, I'm Soroush Dalili from GrayHatz Security Group GSG. I found multiple bugs in MailEnable Enterprise Edition ASP Version = 2.0 that I listed them below: 1 - Any user can login to web administration site. 2 - Authenticated normal user can gain ADMIN or SYSADMIN level, also remote user can disab...

6.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/06/09 12:0 a.m.36 views

MailEnable Enterprise 2.0 - 'ASP' Multiple Vulnerabilities

Hi, I'm Soroush Dalili from GrayHatz Security Group GSG. I found multiple bugs in MailEnable Enterprise Edition ASP Version POSTOFFICE -----------------------End---------------------------- 2 Authenticated normal user can gain ADMIN or SYSADMIN level, also remote user can disable him/her account!...

7AI score
Exploits0
securityvulns
securityvulns
added 2006/06/07 12:0 a.m.44 views

TIBCO Rendezvous messaging software buffer overflow

Buffer overflow in web administration interface...

4AI score
Exploits0References2Affected Software3
securityvulns
securityvulns
added 2006/01/18 12:0 a.m.31 views

[VulnWatch] iDefense Security Advisory 01.17.06: Cisco Systems IOS 11 Web Service CDP Status Page Code Injection Vulnerability

Cisco Systems IOS 11 Web Service CDP Status Page Code Injection Vulnerability iDefense Security Advisory 01.17.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=372 January 17, 2006 I. BACKGROUND Cisco IOS Software is the world's leading network infrastructure software,...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/12/18 12:0 a.m.34 views

phpMyAdmin server_privileges.php SQL Injection Vulnerabilities.

phpMyAdmin serverprivileges.php SQL Injection Vulnerabilities. I. BACKGROUND phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. II. DESCRIPTION phpMyAdmin serverprivileges.php is prone to SQL Injection vulnerability. A remote attacker may execute...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.68 views

Detect SWAT server port

SWAT Samba Web Administration Tool is running on this port. SWAT allows Samba users to change their passwords, and offers to the sysadmin an easy-to-use GUI to configure Samba. However, it is not recommended to let SWAT be accessed by the world, as it allows an intruder to attempt to brute force...

7.2CVSS6.8AI score0.01287EPSS
Exploits1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.15 views

Checkpoint Firewall open Web administration

The remote Checkpoint Firewall is open to Web administration. An attacker use it to launch a brute force password attack against the firewall, and eventually take control of it. OpenVAS Vulnerability Test $Id: checkpointopenwebadmin.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Checkpoint...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.73 views

Linksys Gozila CGI DoS Vulnerability

The Linksys BEFSR41 EtherFast Cable/DSL Router crashes if somebody accesses the Gozila CGI without argument on the web administration interface. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

5CVSS6.8AI score0.07124EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.11 views

Oracle Web Administration Server Detection

We detected the remote web server as an Oracle Administration web server. This web server enables attackers to configure your Oracle Database server if they gain access to a valid authentication username and password. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpt...

7.2AI score
Exploits0
Rows per page
Query Builder