11 matches found
Shopware Access Control Error Vulnerability
Shopware is a suite of open source e-commerce software from the German company Shopware. Shopware is vulnerable to an access control error that stems from not properly setting sensitive HTTP headers to non-cacheable, which could be exploited by an attacker to enable HTTP caching and then have...
When Bandwidth Doesn’t Last
Introduction Imperva’s Cloud WAF networking team went through a major transition from an operation team to a development team during the SDN era. We saw new products emerging for our network infrastructure - moving from manual operation to automatic. But, while the change of mindset from being an...
Distimo Monitor 6.0 - Multiple Cross Site Vulnerabilities
Document Title: =============== Distimo Monitor 6.0 - Multiple Cross Site Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=631 Release Date: ============= 2012-07-04 Vulnerability Laboratory ID VL-ID: ==================================== 6...
Genium CMS 2012|Q2 - Multiple Web Vulnerabilities
Exploit for php platform in category web applications Title: ====== Genium CMS 2012|Q2 - Multiple Web Vulnerabilities Introduction: ============= Durch den Einsatz von Genium CMS kцnnen Sie Ihre Homepage schnell und unabhдngig von Spezialisten betreuen. Kostengьnstig, schnell und flexibel. Das...
Parallels H Sphere 3.3 P1 Cross Site Scripting
Title: ====== Parallels H Sphere v3.3 P1 - Multiple Persistent Vulnerabilities Date: ===== 2012-01-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=392 VL-ID: ===== 392 Introduction: ============= Parallels H-Sphere delivers a multi-server hosting automation solution...
MegaSWF Cross Site Scripting
Title: ====== MegaSWF - Persistant Cross Site Scripting Vulnerability Date: ===== 2012-01-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=368 VL-ID: ===== 368 Introduction: ============= Do you create Flash games, Flash animations, or any other type of content saved ...
RTL TV Website - Persistent Service Vulnerabilities
Document Title: =============== RTL TV Website - Persistent Service Vulnerabilities Release Date: ============= 2011-08-27 Vulnerability Laboratory ID VL-ID: ==================================== 257 Product & Service Introduction: =============================== RTL Television formerly RTL plus i...
DELL KBOX SM Appliance v5.1.x - Multiple Vulnerabilities
Document Title: =============== DELL KBOX SM Appliance v5.1.x - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id= Release Date: ============= 2011-07-29 Vulnerability Laboratory ID VL-ID: ==================================== 70...
Barracuda Web Firewall 660 Firmware 7.3.1.007 Input Validation
Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijackor can implement script routines & malicious codesserver-side|persistent...
Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities
Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijack...
Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities
Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijackor can implement script routines & malicious codesserver-side|persistent...