8 matches found
Server-side Request Forgery (SSRF)
Overview nuxt-og-image is an Enlightened OG Image generation for Nuxt. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to inadequate validation of user-supplied URLs in the isBlockedUrl process. An attacker can access internal network resources or sensitiv...
PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls
ProCheckUp Research http://procheckup.com/procheckup-labs/pr11-07.aspx PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls Vulnerability found: 3rd May 2011 Vendor informed: 20th July 2011 Vulnerability fixed: 16th...
Check Point UTM-1 Edge and Safe 8.2.43 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/50189/info Check Point UTM-1 Edge and Safe are prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities 2. Multiple HTML-injection vulnerabilities 3. Multiple cross-site request forgery vulnerabilities 4...
CVE-2002-2341
Cross-site scripting XSS vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL...
CVE-2005-0291
Cross-site scripting XSS vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase...
CVE-2002-2341
Cross-site scripting XSS vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL...
SonicWALL SOHO3 blocked URL log file script injection
Cross-site scripting XSS vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. CVE: CVE-2002-2341 Last updated: Sept. 5, 2008, 8:32 p.m...
Уязвимость в Novell Border Manager
Пользователь может получить доступ к блокированной URL применив специальные символы xx в имени директории...