5 matches found
Auto Manager admin.cgi Multiple Field XSS
vendor: interactivetools.com, inc., http://www.interactivetools.com/products/automanager/ product: Auto Manager version: 2.52 script: admin.cgi fields: Vehicle, Year, Price, Drive Train, Transmission, Body, Engine, Description, Color, Miles BugsNotHugs Shared Vulnerability Disclosure Account...
e-Courier CMS Tracking xss
Exploit for unknown platform in category web applications ========================== e-Courier CMS Tracking xss ========================== Vendor: e-Courier http://www.ecouriersoftware.com/ Product: CMS Tracking Site Issue: Cross-Site Scripting. Description: Nearly all pages include the URI...
Cisco ASA5520 Web VPN Host Header XSS
Cisco ASA5520 Web VPN Host Header XSS - Description Cross-site scripting. - Product Cisco, ASA5520, IOS 7.2222 - PoC Modified request: POST /+webvpn+/index.html HTTP/1.1 Host: "'scriptalert'BugsNotHugs'/scriptmeta httpequiv="" content='"www.owasp.org Accept: image/gif, image/x-xbitmap,...
Cisco ASA5520 Web VPN Cross Site Scripting
Cisco ASA5520 Web VPN Host Header XSS - Description Cross-site scripting. - Product Cisco, ASA5520, IOS 7.2222 - PoC Modified request: POST /+webvpn+/index.html HTTP/1.1 Host: "'alert'BugsNotHugs' alert'BugsNotHugs'meta httpequiv="" content='"www.owasp...
Check Point Firewall-1 Overflow
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Description The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long HTTP headers. This was discovered during a pen-test where the client...