10 matches found
EUVD-2012-1044
Malware in sbrugna...
REDCap 11.3.9 - Stored Cross Site Scripting Vulnerability
Exploit Title: REDCap 11.3.9 - Stored Cross-Site Scripting Exploit Author: Kendrick Lam References: https://github.com/KCL04/XSS-PoCs/blob/main/CVE-2021-42136.js Vendor Homepage: https://projectredcap.org Software Link: https://projectredcap.org Version: Redcap before 11.4.0 Tested on: 11.2.5 CVE...
CVE-2020-28405
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be used to grant himself the administrative role or remove all administrative accounts of the...
Smiths-Medical CADD-Solis Medication Safety Software Elevation of Privilege Vulnerability
Smiths-Medical, headquartered in Plymouth, Minnesota, is a subsidiary of Smiths Group, a company based in the U.K. CADD-Solis drug safety software, is an application used to set dose limits for infusion pumps. An elevation of privilege vulnerability exists in Smiths-Medical CADD-Solis Medication...
FreeBSD Ports: foswiki
The remote host is missing an update to the system as announced in the referenced advisory. VID 495b46fd-a30f-11e1-82c9-d0df9acfd7e5 OpenVAS Vulnerability Test $ Description: Auto generated from VID 495b46fd-a30f-11e1-82c9-d0df9acfd7e5 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the 1 text, 2 FirstName, 3 LastName, 4 OrganisationName, 5 OrganisationUrl, 6 Profession, 7 Country, 8...
CVE-2012-1004
Multiple cross-site scripting XSS vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the 1 text, 2 FirstName, 3 LastName, 4 OrganisationName, 5 OrganisationUrl, 6 Profession, 7 Country, 8...
CVE-2012-1004
Foswiki CVE-2012-1004 describes multiple XSS vulnerabilities in UI/Register.pm affecting Foswiki before 1.1.5. The issue allows remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via parameters such as text, FirstName, LastName, OrganisationName, Organisation...
Microsoft Site Server 2.0 with IIS 4.0 - Arbitrary File Upload
Microsoft Site Server 2.0 with IIS 4.0 - Arbitrary File Upload source: https://www.securityfocus.com/bid/1811/info Microsoft Site Server is an intranet server designed for an NT Server with IIS. Site Server enables users to locate and view information stored in various locations through...
Microsoft Site Server 2.0 with IIS 4.0 - Arbitrary File Upload
source: https://www.securityfocus.com/bid/1811/info Microsoft Site Server is an intranet server designed for an NT Server with IIS. Site Server enables users to locate and view information stored in various locations through personalized web pages and emails. The 'Users' directory, if not already...