16 matches found
CVE-2019-13643
Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The attack begins by storing a new stream message containing an XSS payload. The stored payload can then be triggered by clicking a malicious link on...
Cross site scripting
Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The attack begins by storing a new stream message containing an XSS payload. The stored payload can then be triggered by clicking a malicious link on...
CVE-2019-9957
Stored XSS within Quadbase EspressReport ES ERES v7.0 update 7 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The XSS payload is stored by creating a new user account, and setting the username to an XSS payload. The stored payload c...
Cross site scripting
Stored XSS within Quadbase EspressReport ES ERES v7.0 update 7 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The XSS payload is stored by creating a new user account, and setting the username to an XSS payload. The stored payload c...
NaviCOPA <= 3.0.1.2 Source Disclosure
No description provided by source. NaviCOPA Web Server = 3.0.1.2 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: www.navicopa.com/download.html - Description - NaviCOPA Web Server = 3.0.1.2 is a Windows based HTTP server. This is the latest version of the application...
Mongoose Web Server 2.8 - Source Disclosure
Mongoose Web Server = 2.8.0 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: http://code.google.com/p/mongoose/ - Description - Mongoose Web Server = 2.8.0 is a Windows based HTTP server. This is the latest version of the application available. Mongoose is vulnerable to...
httpdx <= 1.4.6b source disclosure
Exploit for unknown platform in category web applications ================================== httpdx = 1.4.6b source disclosure ================================== httpdx = 1.4.6b Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: httpdx.sourceforge.net/downloads/ -...
httpdx 1.4.6b - Source Disclosure
httpdx = 1.4.6b Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: httpdx.sourceforge.net/downloads/ - Description - httpdx Web Server = 1.4.6b is a Windows based HTTP server. This is the latest version of the application available. httpdx is vulnerable to remote arbitrar...
Mongoose Web Server 2.8.0 Source Disclosure
Mongoose Web Server = 2.8.0 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: http://code.google.com/p/mongoose/ - Description - Mongoose Web Server = 2.8.0 is a Windows based HTTP server. This is the latest version of the application available. Mongoose is vulnerable to...
Femitter HTTP Server 1.03 - Remote Source Disclosure
Femitter HTTP Server 1.03 - Remote Source Disclosure Femitter HTTP Server v1.03 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: www.acritum.com - Description - Acritum Femitter Web Server v1.03 is a Windows based HTTP server. This is the latest version of the applicati...
Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure #2
No description provided by source. Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure aka: More fun with Kolibri+ 2 webserver Found By: DrIDE Tested On: Windows XPSP3 - Description - Kolibri+ 2 Web Server is a Windows based HTTP server. This is the latest version of the application...
Xerver HTTP Server 4.32 Disclosure
Xerver HTTP Server v4.32 Remote Arbitrary Source Code Disclosure Found By: DrIDE Download: http://www.javascript.nu/xerver Tested On: Windows XPSP3 - Description - Xerver v4.32 is a Windows based HTTP server. This is the latest version of the application available. Xerver v4.32 is vulnerable to...
Kolibri+ Web Server 2 - Arbitrary Source Code Disclosure (2)
Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure aka: More fun with Kolibri+ 2 webserver Found By: DrIDE Tested On: Windows XPSP3 - Description - Kolibri+ 2 Web Server is a Windows based HTTP server. This is the latest version of the application available. This vulnerability is simil...
Code injection
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing 1 "." dot and 2 space characters, which are ignored by Windows, as demonstrated by PHP files...
CVE-2006-0814
Lighttpd on Windows (1.4.10 and possibly earlier) is affected by an information disclosure vulnerability where specially crafted requests containing trailing dots or spaces bypass Windows handling and cause disclosure of script/source code. Root cause is improper validation of filename extensions...
CVE-2006-0814
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing 1 "." dot and 2 space characters, which are ignored by Windows, as demonstrated by PHP files...