Kopano WebApp Cross-Site Scripting Vulnerability
Kopano WebApp is a Web-based e-mail management program from the German Kopano team. The file previewer plugin is one of its document previewer plugins. A cross-site scripting vulnerability exists in the js/ViewerPanel.js file of the file previewer plugin in Kopano WebApp 3.3.0 and earlier versions. A...
Cross site scripting
Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file...
CVE-2017-11666
Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file...
CVE-2017-11666
CVE-2017-11666 describes a cross-site scripting (XSS) vulnerability in Kopano WebApp, affecting the file previewer’s JavaScript component (js/ViewerPanel.js) in Kopano WebApp versions 3.3.0 and earlier. According to the provided sources, a remote attacker can inject arbitrary web script or HTML b...
webapp.montcopa.org XSS vulnerability
Open Bug Bounty ID: OBB-255788. Affected Website: webapp.montcopa.org. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Remediation Guide: OWASP XSS Prevention Che...
PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution Exploit
Exploit for php platform in category web applications. #!/usr/bin/python. Exploit Title: RCE for PHPMailer 5.2.20 with Exim MTA; Date: 16/06/2017; Exploit Author: @phacktul; Software Link: https://github.com/PHPMailer/PHPMailer; Version: 5.2.20; Tested on: Debian x86/x64; CVE :...
CVE-2017-6862
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261...
Remote code execution
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261...
Directory Traversal
Apache Atlas is vulnerable to directory traversal attacks. The attacks can be triggered because it does not properly handle URI input from users, allowing unauthorized access to the webapp directory by using direct URIs such as /js or /img...
Information Disclosure
atlas-webapp is vulnerable to information disclosure. The library prints sensitive information in its stack trace error logs. A malicious user can then access sensitive information stored in these logs...
Insecure Cookies
atlas-webapp is vulnerable to insecure cookies. The library uses a predictable cookie name in the webapp. This can allow a malicious user to access sensitive data contained in the cookies...
webnetseo CMS Multiple Vulnerabilities
Exploit for php platform in category web applications. Exploit Title: webnetseo CMS Multiple Vulnerabilities; Exploit Author: Ashiyane Digital Security Team; Vendor Homepage: webnetseo.net; Date: 2017 07 May; Category: WebApp; MY HOME: Ashiyane.org; CWE: CWE-89 - CWE-276 And ...; Video :...
CVE-2017-7990
The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp...
webapp.library.uvic.ca XSS vulnerability
Vulnerable URL: http://webapp.library.uvic.ca/databases/details.php?id=730=letter:P...
CIOReview names Wallarm in “20 Most Promising Enterprise WebApp Solution Providers”
We are glad to be short-listed amongst the top 20 most promising solution providers for web apps by CIOReview. This is a good illustration of how we are helping enterprises to secure their web apps. The award main...
Webapp builder 2.0 - Unauthenticated File Upload
Plugin is still affected and has been closed...