Lucene search
K

6 matches found

seebug.org
seebug.org
added 2014/02/18 12:0 a.m.34 views

CTERA Cloud Storage OS项目文件夹描述脚本注入漏洞

CTERA Cloud Storage OS是一款云存储系统。 CTERA Cloud Storage OS不正确过滤项目文件夹中的描述字段数据,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 CTERA Cloud Storage OS 3.2.29.0 CTERA Cloud Storage OS 3.2.42.0 厂商补丁: CTERA ----- CTERA Cloud Storage OS 4.0.7已经修复该漏洞,建议用户下载更新:...

4.3CVSS6.6AI score0.01465EPSS
Exploits5
NVD
NVD
added 2014/02/11 5:55 p.m.14 views

CVE-2013-2639

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

4.3CVSS5.6AI score0.01465EPSS
Exploits5References2
Cvelist
Cvelist
added 2014/02/11 5:0 p.m.18 views

CVE-2013-2639

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

5.6AI score0.01465EPSS
Exploits5References2
CVE
CVE
added 2014/02/11 5:0 p.m.46 views

CVE-2013-2639

CTERA Cloud Storage OS is affected by a Stored XSS in the Project Folder description field. Vulnerable on versions prior to 3.2.29.0 and 3.2.42.0; successful exploitation allows remote attackers to inject arbitrary script/HTML (risk includes possible session data exposure as noted in public write...

4.3CVSS5.8AI score0.01465EPSS
Exploits5References2Affected Software1
exploitpack
exploitpack
added 2014/02/07 12:0 a.m.37 views

CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting

CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User...

4.3CVSS6.2AI score0.01465EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/02/07 12:0 a.m.48 views

CTERA 3.2.29.0/3.2.42.0 - Persistent Cross-Site Scripting

Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder tha...

4.3CVSS6.6AI score0.01465EPSS
Exploits5
Rows per page
Query Builder