41 matches found
AppServ Open Project <=2.5.10 - Cross-Site Scripting
AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter. id: CVE-2008-2398 info: name: AppServ Open Project =2.5.11 or apply the necessary security patches...
EUVD-2005-4291
Malware in sbrugna...
EUVD-2008-2393
Malware in sbrugna...
EUVD-2004-1526
Malware in sbrugna...
EUVD-2006-0133
Malware in sbrugna...
VulnCheck KEV: CVE-2008-2398
Cross-site scripting XSS vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter...
CVE-2005-4296
AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request...
QIWI: Remote Code Execution on contactws.contact-sys.com via SQL injection in TAktifBankObject.GetOrder in parameter DOC_ID
Summary The API interface on https://contactws.contact-sys.com:3456/ accepts a body to interact with the server's AppServ object. Because of insufficient input validation, an attacker can abuse the DOCID parameter on the TAktifBankObject operation GetOrder to inject arbitrary SQL statements into...
QIWI: Remote Code Execution on contactws.contact-sys.com via SQL injection in TPrabhuObject.BeginOrder in parameter DOC_ID
Summary The API interface on https://contactws.contact-sys.com:3456/ accepts a body to interact with the server's AppServ object. Because of insufficient input validation, an attacker can abuse the DOCID parameter on the TPrabhuObject operation BeginOrder to inject arbitrary SQL statements into t...
QIWI: Remote Code Execution on contactws.contact-sys.com via SQL injection in TCertObject operation "Delete"
Summary The API interface on https://contactws.contact-sys.com:3456/ accepts a body to interact with the server's AppServ object. Because of insufficient input validation, an attacker can abuse the ID parameter to inject arbitrary SQL statements into the underlying prepared statement. This leads ...
AppServ Open Project <= 2.5.10 - 'appservlang' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29291/info AppServ Open Project is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
AppServ Open Project 2.4.5 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16166/info AppServ Open Project is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...
AppServ Open Project 2.5.3 - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15851/info AppServ Open Project is reportedly affected by a remote denial of service vulnerability. AppServ 2.5.3 running on Microsoft Windows platforms was reported to be vulnerable. Other versions may be affected as wel...
AppServ Open Project Version Detection
Detection of AppServ Open Project, an open source web server. The script sends a connection request to the web server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
AppServ Open Project 'appservlang' XSS Vulnerability
AppServ Open Project is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache 2.5.9=>2.5.10(win) Xss Vulnerability
Exploit for multiple platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1...
CVE-2008-2398
Cross-site scripting XSS vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter...
CVE-2008-2398
CVE-2008-2398 affects AppServ Open Project 2.5.10 and earlier, with a cross-site scripting (XSS) vulnerability in index.php that allows injection of arbitrary script/HTML via the appservlang parameter. Root cause is input handling in index.php failing to neutralize user-supplied appservlang data....
CVE-2008-2398
Cross-site scripting XSS vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter...
AppServ Open Project 2.5.10 - appservlang Cross-Site Scripting
AppServ Open Project 2.5.10 - appservlang Cross-Site Scripting source: https://www.securityfocus.com/bid/29291/info AppServ Open Project is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...