Lucene search
K

143 matches found

securityvulns
securityvulns
added 2008/05/22 12:0 a.m.31 views

SAP Web Application Server crossite scripting

Crossite scripting with /sap/bc/gui/sap/its/webgui/...

1.3AI score
Exploits0References1
exploitpack
exploitpack
added 2008/05/21 12:0 a.m.17 views

SAP Web Application Server 7.0 - sapbcguisapitswebgui Cross-Site Scripting

SAP Web Application Server 7.0 - sapbcguisapitswebgui Cross-Site Scripting source: https://www.securityfocus.com/bid/29317/info SAP Web Application Server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/21 12:0 a.m.68 views

SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29317/info SAP Web Application Server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/03/15 12:0 a.m.48 views

Adobe ColdFusion多个跨站脚本及无效日志漏洞

BUGTRAQ ID: 28205,28207 CVECAN ID: CVE-2008-0643,CVE-2008-0644,CVE-2008-1203 ColdFusion MX是一款高效的网络应用服务器开发环境,具有很高的易用性和开发效率,基于标准的Java技术,可以与XML、Web Services和Microsoft.NET环境相集成。 如果ColdFusion应用的Application.cfm或Application.cfc包含有setEncoding函数的话,远程攻击者就可以通过提交恶意请求执行跨站脚本攻击。...

7.5CVSS6.4AI score0.15481EPSS
Exploits1
erpscan
erpscan
added 2008/01/25 12:0 a.m.33 views

SAP Netviewer 7.0 — XSS Security Vulnerability

Application: SAP Web Application Server, Web Dynpro ABAP and for BSP Versions Affected: Version 7.0 Vendor URL: Bugs: XSS Exploits: YES Reported: 25.01.2008 Vendor response: 25.01.2008 Date of Public Advisory: 21.05.2008 CVE number: 2008-2421 Description: XSS IN BPELCONSOLE/DEFAULT/ACTIVITIES.JSP...

Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.22 views

Debian Security Advisory DSA 1176-1 (zope2.7)

The remote host is missing an update to zope2.7 announced via advisory DSA 1176-1. It was discovered that the Zope web application server does not disable the csvtable directive in web pages containing ReST markup, allowing the exposure of files readable by the Zope server. OpenVAS Vulnerability...

5CVSS6.5AI score0.02378EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.14 views

Debian: Security Advisory (DSA-910-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03046EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.15 views

Debian: Security Advisory (DSA-490)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01427EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.28 views

Debian Security Advisory DSA 1275-1 (zope2.7)

The remote host is missing an update to zope2.7 announced via advisory DSA 1275-1. A cross-site scripting vulnerability in zope, a web application server, could allow an attacker to inject arbitrary HTML and/or JavaScript into the victim's web browser. This code would run within the security...

4.3CVSS6.1AI score0.01562EPSS
Exploits0
seebug.org
seebug.org
added 2007/02/11 12:0 a.m.19 views

SAP 'enserver.exe' file downloader

No description provided by source. !/usr/bin/perl -w SAP 'enserver.exe' file downloader Tested on "SAP Web Application Server Java 6.40" eval DVD Found & coded by Nicob The downloaded file is limited to the first 32 kilobytes Usual port : TCP/3200+SYSNR Exemple : ./r3-stealer-1.0.pl 192.168.2.22...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/02/09 12:0 a.m.48 views

SAP Web Application Server multiple security vulnerabilities

Directory traversal, local privilege escalation, DoS...

3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/02/09 12:0 a.m.57 views

Multiple vulnerabilities in SAP WebAS 6.40 and 7.00 (technical details)

Multiple vulnerabilities in SAP Web Application Server Technical details Application : SAP Web AS 6.40 patch 136 and 7.00 patch 66 Platform : All platforms except the third vulnerability Impacts : Remote file disclosure, remote DoS, local privilege escalation Release Date : 8 February 2007 Author...

1AI score
Exploits0
exploitpack
exploitpack
added 2007/02/08 12:0 a.m.12 views

SAP Web Application Server 6.40 - Arbitrary File Disclosure

SAP Web Application Server 6.40 - Arbitrary File Disclosure !/usr/bin/perl -w SAP 'enserver.exe' file downloader Tested on "SAP Web Application Server Java 6.40" eval DVD Found & coded by Nicob The downloaded file is limited to the first 32 kilobytes Usual port : TCP/3200+SYSNR Exemple :...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/08 12:0 a.m.35 views

SAP Web Application Server 6.40 - Arbitrary File Disclosure

!/usr/bin/perl -w SAP 'enserver.exe' file downloader Tested on "SAP Web Application Server Java 6.40" eval DVD Found & coded by Nicob The downloaded file is limited to the first 32 kilobytes Usual port : TCP/3200+SYSNR Exemple : ./r3-stealer-1.0.pl 192.168.2.22 3201 "c:\boot.ini" From MSDN Win2K...

7.4AI score
Exploits0
CERT
CERT
added 2007/01/19 12:0 a.m.17 views

SAP Internet Graphics Service buffer overflow

Overview SAP Internet Graphics Service contains a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description According to SAP,The Internet Graphics Service IGS constitutes the infrastructure to enable the...

8.3AI score
Exploits0References2
CVE
CVE
added 2007/01/04 2:0 a.m.61 views

CVE-2006-6853

Durian Web Application Server 3.02 freeware on Windows is affected by a buffer overflow vulnerability. The issue allows remote code execution via a crafted packet containing a long string sent to TCP port 4002, leading to untrusted data being processed by the server. The CVE description specifies...

10CVSS8.3AI score0.08007EPSS
Exploits1References5Affected Software1
seebug.org
seebug.org
added 2007/01/04 12:0 a.m.96 views

Durian Web Application Server远程缓冲区溢出漏洞

Durian Web Application Server是一款WEB应用服务程序。 Durian Web Application Server不正确处理畸形请求,远程攻击者可以利用漏洞对应用程序进行拒绝服务或缓冲区溢出攻击。 提交超长请求可导致缓冲区溢出,或者提交畸形请求可显示1000个访问冲突对话框而造成拒绝服务攻击。 Durian Web Application Server 3.02 目前没有解决方案提供: http://sourceforge.net/projects/durian/ //Durian Web Application Server 3.02 freeware f...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/01/01 12:0 a.m.17 views

Durian Web Application Server 3.02 freeware for Win32 buffer overflow execute command exploit

No description provided by source. ?php / Durian Web Application Server 3.02 freeware for Win32 buffer overflow execute command exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org tested against xp sp2 ita software site - http://sourceforge.net/projects/durian/ /...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/31 12:0 a.m.48 views

Durian Web Application Server multiple security vulnerabilities

Buffer overflow on oversized request...

4.6AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2006/12/30 12:0 a.m.25 views

Durian Web Application Server 3.02 Remote Buffer Overflow Exploit

No description provided by source. ?php / Durian Web Application Server 3.02 freeware for Win32 buffer overflow execute command exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org tested against xp sp2 ita software site - http://sourceforge.net/projects/durian/ /...

7.1AI score
Exploits0
Rows per page
Query Builder