565 matches found
RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities
RaidenHTTPD is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. These issues affect the WebAdmin component. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a...
RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities
RaidenHTTPD is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. These issues affect the WebAdmin component. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-2455
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-2455
Atmail WebMail
Axigen WebMail/WebAdmin Detection (HTTP)
HTTP based detection of Axigen WebMail SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.100176";...
Atmail WebMail <= 5.6.1 (5.61) webadmin/admin.php Multiple Parameter XSS
The version of Atmail WebMail running on the remote host is vulnerable to multiple cross-site scripting issues. 'webadmin/admin.php' fails to sanitize input to the 'func' parameter, and to the 'type' parameter when 'func' is set to 'stats'. This is known to affect version 5.6.1 (5.61) and may affec...
Asbru Web Content Management 6.56.6.9 - SQL Injection Cross-Site Scripting
Asbru Web Content Management 6.56.6.9 - SQL Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/34349/info Asbru Web Content Management is prone to multiple SQL-injection vulnerabilities and a cross-site scripting vulnerability because it fails to sufficiently sanitize...
Debian DSA-1735-1 : znc - missing input sanitization
It was discovered that znc, an IRC proxy/bouncer, does not properly sanitize input contained in configuration change requests to the webadmin interface. This allows authenticated users to elevate their privileges and indirectly execute arbitrary commands (CVE-2009-0759)...
DSA-1735-1 znc - privilege escalation
Bulletin has no description...
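ZNC Webadmin module CRLF injection vulnerability
BUGTRAQ ID: 33899 CVE(CAN) ID: CVE-2009-0759 ZNC is an IRC proxy that allows users to log in to IRC servers from a workstation. Multiple carriage return/line feed (CRLF) injection vulnerabilities exist in ZNC's Webadmin module. An authenticated remote attacker can modify the znc.conf configuration file and inject CRLF sequences in the quit message, resulting in arbitrary code execution with elevated privileges. ZNC 0.066 Vendor patch: ZNC --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://downloads.sourceforge.net/znc/znc-0.066.tar.gz?usemirror=garr So...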
DEBIAN-CVE-2009-0759
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...
CVE-2009-0759
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...
CVE-2009-0759
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...
Crlf injection
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...
CVE-2009-0759
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...
CVE-2009-0759
CVE-2009-0759 affects znc, specifically the webadmin interface used to modify znc.conf. The root cause is missing input sanitization in configuration change requests, allowing CRLF injection that can elevate privileges of authenticated users and indirectly execute arbitrary commands. Disclosures ...
CVE-2009-0759
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...
CVE-2008-5266
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.101 build b09d-fcs and 9.102 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a...
UBUNTU-CVE-2008-5266
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.101 build b09d-fcs and 9.102 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a...