30 matches found
EUVD-2010-1924
Malware in sbrugna...
EUVD-2002-2052
Malware in sbrugna...
EUVD-2018-17545
Malware in sbrugna...
CVE-2022-32988
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
CVE-2022-32988
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
Cross site scripting
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
CVE-2022-32988
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
CVE-2022-32988
CVE-2022-32988 is an XSS vulnerability in Asus DSL-N14U-B1 firmware version 1.1.2.3_805. The issue arises in the web UI exposed through a large set of ASP pages that render lists of stored strings, where the *list parameters (examples: filter_lwlist, keyword_rulelist, etc) are not properly saniti...
Exploit for Cross-site Scripting in Asus Dsl-N14U-B1_Firmware
CVE-2022-32988 Affected products We have not yet tested As...
Sql injection
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 17.1.1. Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2018-5778
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 17.1.1. Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors...
PT-2018-17141 · Ipswitch · Ipswitch Whatsup Gold
Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions prior to 2017 Plus SP1 17.1.1 Description: An issue was discovered in the legacy .ASP pages of Ipswitch WhatsUp Gold, where multiple SQL injection vulnerabilities are present. These vulnerabilities could allow...
Microsoft Site Server 3.0 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3999/info Microsoft Site Server is designed to run on Microsoft Windows NT Server platforms. It provides a means for users on a corporate intranet to share, publish, and find information. Site Server Commerce Edition...
MS11-051: Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
A reflected or non-persistent cross-site scriting vulnerability exists in the version of Active Directory Certificate Services Web Enrollment installed on the remote Windows host due to improper validation of a request parameter. By using a specially crafted link, an attacker could leverage the...
CVE-2010-1905
Multiple cross-site scripting XSS vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote attackers to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote attackers to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to...
CVE-2010-1905
Multiple cross-site scripting XSS vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote attackers to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to...
CVE-2010-1905
CVE-2010-1905 concerns multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance. The XSS can be triggered by crafted input to ASP pages, demonstrated via the backurl parameter to sdccommon/verify/asp/n6plugindestructor.asp. The avail...
GoAhead WebServer Script Source Code Disclosure
A vulnerable version of GoAhead Webserver is running on the remote host. Description : GoAhead Webserver is installed on the remote system. It's an open-source webserver, which is capable of hosting ASP pages, and installation on multiple operating systems. The version installed is vulnerable to...
Microsoft IIS文件更改通知本地权限提升漏洞(MS08-005)
BUGTRAQ ID: 27101 CVECAN ID: CVE-2008-0074 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 IIS处理FTPRoot、NNTPFile\Root和WWWRoot文件夹中文件变化通知的方式存在本地权限提升漏洞,成功利用这个漏洞的攻击者可以在本地系统安全环境中执行任意指令。 Microsoft IIS 7.0 Microsoft IIS 6.0 Microsoft IIS 5.1 Microsoft IIS 5.0 临时解决方法: 在Windows...