191 matches found
Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS
No description provided by source. Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system Date: 12/05/2014 Exploit author: Dolev Farhi dolevatopenflare.org Vendor homepage: http://zenoss.com Software Link: http://www.zenoss.com Version: Core 4.2.5-2108 64bit Tested o...
Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS Vulnerability
Cross-site scripting XSS vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device. Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system Date: 12/05/2014 Exploit author: Dolev Farhi dolevatopenflare.org...
Zenoss Monitoring System 4.2.5-2108 Cross Site Scripting
Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system Date: 12/05/2014 Exploit author: Dolev Farhi dolevatopenflare.org Vendor homepage: http://zenoss.com Software Link: http://www.zenoss.com Version: Core 4.2.5-2108 64bit Tested on: Kali Linux Vendor alerted:...
Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting
Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system Date: 12/05/2014 Exploit author: Dolev Farhi dolevatopenflare.org Vendor homepage: http://zenoss.com Software Link: http://www.zenoss.com Version: Core 4.2.5-2108 64bit Tested on: Kali Linux Vendor alerted:...
Spyce 2.1.3 docs/examples/handlervalidate.spy x Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...
Spyce 2.1.3 spyce/examples/getpost.spy Name Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...
Spyce 2.1.3 spyce/examples/automaton.spy Direct Request Error Message Information Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...
Spyce 2.1.3 docs/examples/redirect.spy Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...
Dell OpenManage Server Administrator index_main.htm DOM-based XSS
The version of Dell OpenManage Server Administrator hosted on the remote web server has a cross-site scripting vulnerability. Making a specially crafted request for indexmain.htm can result in client-side script injection. An attacker could exploit this by tricking a user into requesting a...
Dell OpenManage Server Administrator omalogin.html DOM-based XSS
The version of Dell OpenManage Server Administrator hosted on the remote web server has a cross-site scripting vulnerability. Making a specially crafted request for omalogin.html can result in client-side script injection. An attacker could exploit this by tricking a user into requesting a...
Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
This host has important security update missing according to Microsoft Bulletin MS12-070. OpenVAS Vulnerability Test $Id: secpodms12-070.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability 2754849 Authors: Rachana Shetty Copyright: Copyright...
AZ Photo Album - Cross-Site Scripting Arbitrary File Upload
AZ Photo Album - Cross-Site Scripting Arbitrary File Upload source: https://www.securityfocus.com/bid/53641/info The AZ Photo Album is prone to a cross-site-scripting and an arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. Attackers can exploit thes...
AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload
source: https://www.securityfocus.com/bid/53641/info The AZ Photo Album is prone to a cross-site-scripting and an arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to steal cookie information, execute arbitrary clie...
Open Classifieds 1.7.2 Cross Site Scripting
-------------------------------------------------------------------- + Title : Open classifieds 1.7.2 Xss Vulnerability + Name : Open classifieds + Affected Version : v1.7.2 + Software Link : http://open-classifieds.com/ + Tested on : Vista & Windows Xp and Windows 7 + Date : 23/08/2011 + Dork :...
Windows MHTML Information Disclosure Vulnerability (2544893)
This host is missing an important security update according to Microsoft Bulletin MS11-037. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Windows MHTML Information Disclosure Vulnerability (2544893)
This host is missing an important security update according to Microsoft Bulletin MS11-037. OpenVAS Vulnerability Test $Id: secpodms11-037.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows MHTML Information Disclosure Vulnerability 2544893 Authors: Antu Sanadi Updated By: Sooraj KS on 2011-11-09 -...
Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities
This vulnerability allows remote attackers to execute arbitrary client side script on vulnerable installations of Novell Groupwise WebAccess. Authentication is notrequired to exploit this vulnerability. The specific flaw exists within handling html messages sent to a Novell GroupwiseWebAccess use...
Microsoft Security Bulletin MS06-056
A cross-site scripting vulnerability exists in a server running a vulnerable version of the .Net Framework 2.0 that could inject a client side script in the user's browser. The script could spoof content, disclose information, or take any action that the user could take on the affected web site...
Deutsche Telekom Speedport w700v protection bypass
Bruteforce protection is implemented as client-side script...
Testing a Web application, whether there is cross-site scripting vulnerability-vulnerability warning-the black bar safety net
So far, for cross-site scripting attack has the very big threat that we no objection to it. If you are proficient with XSS and just wanted to see what test methods are available to draw on, then please skip directly to the article of the test section. If you know nothing about this, follow the...