24 matches found
EUVD-2020-7845
Malware in sbrugna...
EUVD-2017-18697
Malware in sbrugna...
CVE-2020-15864
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page...
Malicious code in cloudshell-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8e15fc603c20804c2b2939fe7269eb89e1c5cd6a2db87a92df41107e017fc8a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1942 Malicious code in cloudshell-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8e15fc603c20804c2b2939fe7269eb89e1c5cd6a2db87a92df41107e017fc8a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AWS CloudShell Terminal Escape Injection / Remote Code Execution Vulnerabilities
The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance. Terminal escape injection in AWS CloudShell The javascript terminal emulator used by...
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Terminal escape injection in AWS CloudShell The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance. The bug is in the handling of DCS escape...
Quali CloudShell Cross-Site Scripting Vulnerability (CNVD-2021-06529)
Quali CloudShell is a cloud service from Quali USA for managing infrastructure provisioning, cloud orchestration, automated deployments and more in cloud environments. A cross-site scripting vulnerability exists in Quali CloudShell version 9.3 that originates on the login page and can be exploite...
CVE-2020-15864
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page...
CVE-2020-15864
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page...
Design/Logic Flaw
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page...
CVE-2020-15864
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page...
CVE-2020-15864
Quali CloudShell 9.3 contains a cross-site scripting (XSS) flaw in the login page. An attacker can craft a URL including a username field containing constructor.constructor, which executes a payload when the user visits /Account/Login. Public references come from CVE-2020-15864 (NVD entry) and re...
Quali CloudShell 跨站脚本漏洞
Quali CloudShell is a cloud service from Quali USA for managing infrastructure provisioning, cloud orchestration, automated deployments and more in cloud environments. A cross-site scripting vulnerability exists in Quali CloudShell version 9.3 that originates on the login page and can be exploite...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the 1 Name or 2 Description parameter to RM/Reservation/ReserveNew; the 3 Description parameter to RM/Topology/Update; the 4 Name, 5...
CVE-2017-9767
Multiple cross-site scripting XSS vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the 1 Name or 2 Description parameter to RM/Reservation/ReserveNew; the 3 Description parameter to RM/Topology/Update; the 4 Name, 5...
CVE-2017-9767
Multiple cross-site scripting XSS vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the 1 Name or 2 Description parameter to RM/Reservation/ReserveNew; the 3 Description parameter to RM/Topology/Update; the 4 Name, 5...
CVE-2017-9767
CVE-2017-9767 describes multiple stored XSS vulnerabilities in Quali CloudShell prior to version 8. The flaws allow remote authenticated users to inject arbitrary HTML/script via several parameters across UI functions: RM/Reservation/ReserveNew (Name, Description), RM/Topology/Update (Description...
CVE-2017-9767
Multiple cross-site scripting XSS vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the 1 Name or 2 Description parameter to RM/Reservation/ReserveNew; the 3 Description parameter to RM/Topology/Update; the 4 Name, 5...
Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross Site Scripting Vulnerability
Exploit for windows platform in category web applications Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767...