3 matches found
CTERA Cloud Storage OS项目文件夹描述脚本注入漏洞
CTERA Cloud Storage OS是一款云存储系统。 CTERA Cloud Storage OS不正确过滤项目文件夹中的描述字段数据,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 CTERA Cloud Storage OS 3.2.29.0 CTERA Cloud Storage OS 3.2.42.0 厂商补丁: CTERA ----- CTERA Cloud Storage OS 4.0.7已经修复该漏洞,建议用户下载更新:...
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS
Exploit for php platform in category web applications OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder that cause javascript code execution and HTML injection. INTRODUCTION CTERA Networks http://www.ctera.combridges the gap between cloud storage and local...
CTERA 3.2.29.0/3.2.42.0 - Persistent Cross-Site Scripting
Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder tha...