CVE-2008-6587

CVE-2008-6587 describes a cross-site request forgery (CSRF) in Vuze (formerly Azureus HTML WebUI) where requests to index.tmpl can hijack a user’s session to force downloads of arbitrary torrent files via the upurl parameter. Reported as likely in the 0.7.6 timeframe, this vulnerability could per...

CVE-2008-6586

The CVE-2008-6586 entry documents a Cross-site request forgery (CSRF) vulnerability in the gui/index.php of µTorrent (uTorrent) WebUI 0.315. The vulnerability allows an attacker to hijack the authentication of users for requests that trigger the download of arbitrary torrent files via the add-url...

uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit

No description provided by source. !/usr/bin/perl uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header Denial of Service exploit according to the following advisory: http://secunia.com/advisories/30605 usage: WebUI-dos.pl url port user:pass Exploit written by Exodus. http://www.blackhat.org....

μTorrent (uTorrent) WebUI 0.310 Beta 2 - Cross-Site Request Forgery

μTorrent uTorrent WebUI 0.310 Beta 2 - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/28847/info uTorrent WebUI is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to execute arbitrary actions in the context of the affect...

Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/28848/info Azureus HTML WebUI is prone to a cross-site request-forgery vulnerability. Successful exploits aid in transferring malicious content to unsuspecting users' computers, aiding in further attacks. Other actions may also be affected, but this has n...

μTorrent (uTorrent) WebUI 0.310 Beta 2 - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/28847/info uTorrent WebUI is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to execute arbitrary actions in the context of the affected application. uTorrent WebUI 0.310 beta 2 is vulnerable; other...

Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery

Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/28848/info Azureus HTML WebUI is prone to a cross-site request-forgery vulnerability. Successful exploits aid in transferring malicious content to unsuspecting users' computers, aiding in further...

CVE-2007-4050

Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta Victoria edition allows remote attackers to access system-level windows via unspecified vectors...

Design/Logic Flaw

Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta Victoria edition allows remote attackers to access system-level windows via unspecified vectors...

CVE-2007-4050

CVE-2007-4050 affects the WebUI of ADempiere Bazaar prior to the 3.3 beta Victoria edition. The vulnerability allows remote attackers to access system-level windows via unspecified vectors; the exact root cause and exploit details are not provided in the available documents. The NVD description c...

CVE-2007-4050

Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta Victoria edition allows remote attackers to access system-level windows via unspecified vectors...

Xerox WorkCentre WebUI远程命令注入漏洞

Xerox WorkCentre是一款数码打印复印一体机。 WorkCentre的TCP/IP主机名存在WebUI命令注入漏洞，允许攻击者绕过认证远程执行任意软件。如果成功利用的话，攻击者可以非授权更改系统配置。 Xerox WorkCentre Pro 275 Xerox WorkCentre Pro 265 Xerox WorkCentre Pro 255 Xerox WorkCentre Pro 245 Xerox WorkCentre Pro 238 Xerox WorkCentre Pro 232 Xerox WorkCentre 275 Xerox WorkCentre 26...

CVE-2006-5290

The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname."...

CVE-2006-5290

CVE-2006-5290 affects Xerox WorkCentre and WorkCentre Pro devices (232, 238, 245, 255, 265, 275) where the ESS/Network Controller and MicroServer Web Server components are vulnerable. The issue is a WebUI command injection on the TCP/IP hostname that allows remote attackers to bypass authenticati...

Web Server / Application favicon.ico Vendor Fingerprinting

The 'favicon.ico' file found on the remote web server belongs to a popular web server. This may be used to fingerprint the web server. This script was written by Javier Fernandez-Sanguino based on sample code written by Renaud Deraison in the nessus-plugins mailing list It is distributed under th...

CVE-2002-0891

The CVE-2002-0891 issue affects NetScreen ScreenOS WebUI (pre-2.6.1r8 and certain 2.8.x/3.0.x builds before 3.0.3r1). The vulnerability allows remote attackers to trigger a denial-of-service (crash) by sending a long user name to the WebUI. Impact is limited to availability (PARTIAL) as per the N...

NSFOCUS SA2001-01: NetScreen Firewall WebUI Buffer Overflow vulnerability

NSFOCUS Security AdvisorySA2001-01 Topic: NetScreen Firewall WebUI Buffer Overflow vulnerability Release DateЈє Jan 9th, 2001 CVE Candidate Numbers: CAN-2001-0007 Affected system: ================ ScreenOS release 1.73r1 on the NetScreen-1000 ScreenOS release 2.01r6 on the NetScreen-10/100 Screen...

ScreenOS 1.732.x - Firewall Denial of Service

ScreenOS 1.732.x - Firewall Denial of Service source: https://www.securityfocus.com/bid/2176/info NetScreen Firewall is a network appliance used to secure against intruders and various types of attacks to a network. NetScreen has a Web administrative Interface WebUI used to configure and set the...