4 matches found
CVE-2014-2710
CVE-2014-2710 affects Oliver (formerly Webshare) up to version 1.3.1. The vulnerability is non-persistent XSS via PATH_INFO on the login endpoints (index.php and loginform-inc.php). Root cause: input handling/validation flaw on login pages leading to script/HTML injection. Impact per sources incl...
Oliver 1.3.0 / 1.3.1 Cross Site Scripting
Advisory Information Title: Multiple Reflected XSS vulnerabilities in Oliver formerly Webshare v1.3.1 Date published: 2016-15-04 Date of last update: 2014-03-04 Vendors contacted: Oliver formerly Webshare v1.3.1 Discovered by: Rv3Laboratory Research Team Severity: Medium 02. Vulnerability...
Dell KACE K1000 < 5.5.90547 / 5.4.76849 Arbitrary File Upload and Command Execution
The web interface for the version of the Dell KACE K1000 appliance on the remote host is affected by an arbitrary file upload vulnerability. With a specially crafted HTTP request, an attacker could upload a malicious script to the web server directory and use it to execute arbitrary commands with...
Array Networks vxAG/xAPV Multiple Vulnerabilities (Mar 2014)
Array Networks vxAG/xAPV is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...