Liferay Stored XSS Vulnerability

Liferay is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Liferay CE 6.2 CE GA6 - Persistent Cross-Site Scripting

Liferay CE 6.2 CE GA6 - Persistent Cross-Site Scripting CVE-2016-3670 Stored Cross Site Scripting in Liferay CE 1. Vulnerability Properties Title: Stored Cross-Site Scripting Liferay CE CVE ID: CVE-2016-3670 CVSSv3 Base Score: 4.6 AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Vendor: Liferay Inc Products:...

intersection.dsi.cnrs.fr XSS vulnerability

Vulnerable URL: http://intersection.dsi.cnrs.fr/intersection/calendrier-ce-ita.do?campagne=54=F=3=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

Security Advisory - DoS Vulnerability in Huawei CE Series Switches

Huawei CE series switches are high-performance switches designed for next-generation data centers. The CE series switches have a DoS vulnerability. An attacker logs in to the switches multiple times using a non-administrator account through a specific protocol to exploit this vulnerability...

GoAutoDial CE 3.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications Title : GoAutoDial CE 3.3 Multiple SQL injections, Command Injection Date : 06/12/2015 Author : R-73eN Tested on : goautodial-32bit-ce-3.3-final Software : http://goautodial.org/ | | / | / | / \ | | | || ' | | / | | / \ ' \ / \ | | | || | | |...

Operating System (OS) Detection (Telnet)

Telnet banner based Operating System OS detection. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: Reworked, improved and extended detection code and pattern since 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

GoAutoDial CE 3.3 - Multiple SQL Injections / Command Injection

Title : GoAutoDial CE 3.3 Multiple SQL injections, Command Injection Date : 06/12/2015 Author : R-73eN Tested on : goautodial-32bit-ce-3.3-final Software : http://goautodial.org/ | | / | / | / \ | | | || ' | | / | | / \ ' \ / \ | | | || | | | | | || | / | | | / | | ||| ||| / ||| || // \|...

GoAutoDial CE 3.3 SQL Injection / Command Injection Exploit

GoAutoDial CE version 3.3 remote command execution and SQL injection vulnerabilities. Title : GoAutoDial CE 3.3 Multiple SQL injections, Command Injection Date : 06/12/2015 Author : R-73eN Tested on : goautodial-32bit-ce-3.3-final Software : http://goautodial.org/ | | / | / | / \ | | | || ' | | /...

GoAutoDial CE 3.3 SQL Injection / Command Injection

Title : GoAutoDial CE 3.3 Multiple SQL injections, Command Injection Date : 06/12/2015 Author : R-73eN Tested on : goautodial-32bit-ce-3.3-final Software : http://goautodial.org/ | | / | / | / \ | | | || ' | | / | | / \ ' \ / \ | | | || | | | | | || | / | | | / | | ||| ||| / ||| || // \|...

CVE-2015-1005

IniNet embeddedWebServer aka eWebServer before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors...

Default credentials

IniNet embeddedWebServer aka eWebServer before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors...

CVE-2015-1005

IniNet embeddedWebServer aka eWebServer before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors...

CVE-2015-1005

IniNet embeddedWebServer (eWebServer) for Windows CE, prior to version 2.02, stores passwords in cleartext (CWE-312). This creates confidentiality risks for context-dependent attackers who may obtain credentials through unspecified vectors. The vulnerability is not remotely exploitable per availa...

ce-chpsb.org XSS vulnerability

Open Bug Bounty ID: OBB-87081 Description| Value ---|--- Affected Website:| ce-chpsb.org Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

ce-juret.org XSS vulnerability

Open Bug Bounty ID: OBB-87036 Description| Value ---|--- Affected Website:| ce-juret.org Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

Threat Outbreak Alert RuleID17564: Email Messages Distributing Malicious Software on August 25, 2015

Medium Alert ID: 40661 First Published: 2015 August 25 19:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17564 may contain the following files: Name |...

CVE-2015-1980

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...

GoAutoDial GoAdmin CE 'cpanel' action variable arbitrary command execution vulnerability

GoAutoDial is a set of open source Web-based call center software running on CentOS systems.GoAdmin CE is one of the set of administrator applications. A security vulnerability in the 'cpanel' function in the gosite.php script of GoAutoDial GoAdmin CE allows remote attackers to execute arbitrary...

GoAutoDial GoAdmin CE 'cpanel' Arbitrary Command Execution Vulnerability

GoAutoDial is a set of open source Web-based call center software running on CentOS systems.GoAdmin CE is one of the set of administrator applications. A security vulnerability in the 'cpanel' function in the gosite.php script of GoAutoDial GoAdmin CE allows remote attackers to execute arbitrary...

CVE-2015-2842

Unrestricted file upload vulnerability in goaudiostore.php in the audiostore Voice Files upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...