237 matches found
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2019-12700)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.10.1, which originates from...
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2019-12707)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.6.3, which originates from ...
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2019-12699)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.10.1, which originates from...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2019-14608)
IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting vulnerability exists in IBM Sterling B...
Cross-Site Scripting Vulnerabilities in Multiple ZyXEL Products
ZyXEL ZyWall 310 and others are products of Taiwan, China-based ZyXEL Corporation.ZyXEL ZyWall 310 is a 310 series VPN firewall appliance.ZyXEL ZyWall 110 is a 110 series VPN firewall appliance.ZyXEL USG1900 is a next-generation unified security gateway appliance. A cross-site scripting...
Materialize Cross-Site Scripting Vulnerability
Materialize is a modern responsive front-end framework based on Material Design. A cross-site scripting vulnerability exists in Materialize 1.0.0 and prior versions, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability...
Azure DevOps Server Cross-Site Scripting Vulnerability
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Microsoft Azure DevOps Server 2019, whi...
Materialize cross-site scripting vulnerability (CNVD-2019-12908)
Materialize is a modern responsive front-end framework based on Material Design. A cross-site scripting vulnerability exists in Materialize 1.0.0 and prior versions, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability...
Palo Alto Networks Expedition Migration Tool Cross-Site Scripting Vulnerability
Palo Alto Networks Expedition Migration Tool is a security policy configuration migration tool from Palo Alto Networks, USA. A cross-site scripting vulnerability exists in Palo Alto Networks Expedition Migration Tool version 1.1.8 and prior versions, which stems from a lack of proper validation o...
PrinterOn Enterprise Cross-Site Scripting Vulnerability
PrinterOn Enterprise is a secure cloud printing solution from PrinterOn Canada. The solution supports printing from laptops, desktops and mobile devices connected to printers. A cross-site scripting vulnerability exists in PrinterOn Enterprise version 4.1.4, which stems from a lack of proper...
Silentum Uploader 1.4.0 - Remote File Deletion Exploit
No description provided by source. Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we...
PHPAds 2.0 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ========================================== PHPAds 2.0 Multiple Remote Vulnerabilities ========================================== Vendor: http://blondish.net Versions: PHPAds 2.0 May also affect earlier versions Credit: Danny Moules Critica...
phpads 2.0 - Multiple Vulnerabilities
phpads 2.0 - Multiple Vulnerabilities Vendor: http://blondish.net Versions: PHPAds 2.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=8 ---- First, we need to acquire administrative access. We point our browser...
Ninja Blog 4.8 - Cross-Site Request Forgery/HTML Injection
Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at https://www.push55.co.uk/index.php?s=ad&id=7 ---- Due to insufficient validation of client-side data, we can inject script directly into the...
phpads 2.0 - Multiple Vulnerabilities
Vendor: http://blondish.net Versions: PHPAds 2.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=8 ---- First, we need to acquire administrative access. We point our browser at...
Silentum Uploader 1.4.0 File Deletion
Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we can alter the path of files to be...
Silentum Uploader 1.4.0 Remote File Deletion Exploit
No description provided by source. Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we...