17 matches found
EUVD-2005-1320
Malware in sbrugna...
Gentoo Security Advisory GLSA 200406-09 (net-www/horde-chora)
The remote host is missing updates announced in advisory GLSA 200406-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200406-09 (net-www/horde-chora)
The remote host is missing updates announced in advisory GLSA 200406-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Chora Remote Code Execution Vulnerability
The remote server is running at least one instance of Chora version 1.2.1 or earlier. Such versions have a flaw in the diff viewer that enables a remote attacker to run arbitrary code with the permissions of the web user. OpenVAS Vulnerability Test $Id: choraremotecodeexecution.nasl 7221 2017-09-...
Horde Chora < 1.2.2 RCE Vulnerability - Active Check
Horde Chora is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...
Chora Detection
This script detects whether the remote host is running Chora and extracts version numbers and locations of any instances found. Chora is a PHP-based interface to CVS repositories from the Horde Project. See http://www.horde.org/chora/ for more information. OpenVAS Vulnerability Test $Id:...
Chora Detection
This script detects whether the remote host is running Chora and extracts version numbers and locations of any instances found. Chora is a PHP-based interface to CVS repositories from the Horde Project. SPDX-FileCopyrightText: 2005 George A. Theall Some text descriptions might be excerpted from a...
FreeBSD : chora (2069)
The following package needs to be updated: chora %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF, PostScrip...
[SA15083] Chora Parent Frame Page Title Cross-Site Scripting Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Chora Parent Frame Page Title Cross-Site Scripting...
CVE-2005-1317
Cross-site scripting XSS vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...
Horde Chora common-footer.inc Page Title XSS
According to its version, the remote installation of Chora fails to fully sanitize user-supplied input when setting the parent frame's page title by JavaScript in 'templates/common-footer.inc'. By leveraging this flaw, an attacker may be able to inject arbitrary HTML and script code into a user's...
CVE-2005-1317
Cross-site scripting XSS vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...
Horde Chora < 1.2.3 Parent Frame Page Title XSS
Binary data 2853.prm...
Horde Chora Software Detection
The remote host is running Chora, a PHP-based interface to CVS repositories from the Horde Project. This script was written by George A. Theall, . See the Nessus Scripts License for details. include"compat.inc"; if description scriptid13849; scriptversion"1.26";...
Horde Chora CVS Viewer diff Utility Arbitrary Command Execution
The remote server is running at least one instance of Chora version 1.2.1 or earlier. Such versions have a flaw in the diff viewer that enables a remote attacker to run arbitrary code with the permissions of the web user. %NASLMINLEVEL 70300 This script was written by George A. Theall, . See the...
Horde-Chora: Remote code execution
Background Chora is a PHP-based SVN/CVS repository viewer by the HORDE project. Description A vulnerability in the diff viewer of Chora allows an attacker to inject shellcode. An attacker can exploit PHP's file upload functionality to upload a malicious binary to a vulnerable server, chmod it as...
[UNIX] Chora CVS/SVN Viewer Remote Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...