Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2014/12/05 12:0 a.m.70 views

LogAnalyzer < 3.6.6 index.php / detail.php 'hostname' Parameter XSS

The LogAnalyzer install hosted on the remote web server is affected by a cross-site scripting vulnerability due to a failure to properly sanitize the 'hostname' value retrieved from log files. An attacker can exploit this issue to inject arbitrary HTML and script code into a user's browser to be...

4.3CVSS5.6AI score0.03582EPSS
Exploits6References2
CVE
CVE
added 2014/09/11 2:0 p.m.64 views

CVE-2014-6070

Summary (CVE-2014-6070): Adiscon LogAnalyzer prior to 3.6.6 is affected by cross-site scripting (XSS) via the hostname field used in index.php and detail.php. The root cause is improper sanitization of the hostname retrieved from log files, allowing an attacker to inject arbitrary HTML/JavaScript...

4.3CVSS5.7AI score0.03582EPSS
Exploits6References5Affected Software1
0day.today
0day.today
added 2014/09/08 12:0 a.m.41 views

Syslog LogAnalyzer 3.6.5 - Stored XSS Exploit

Exploit for multiple platform in category web applications Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending ...

7.1AI score0.03582EPSS
Exploits6
0day.today
0day.today
added 2014/09/04 12:0 a.m.34 views

LogAnalyzer 3.6.5 Cross Site Scripting Vulnerability

LogAnalyzer version 3.6.5 suffers from a cross site scripting vulnerability. Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface t...

4.3CVSS5.9AI score0.03582EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/09/02 12:0 a.m.32 views

LogAnalyzer 3.6.5 Cross Site Scripting

Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing, analysis of...

4.3CVSS6.5AI score0.03582EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/09/02 12:0 a.m.30 views

Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting

Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending an arbitrary syslog message, a client-side script injection...

4.3CVSS6.5AI score0.03582EPSS
Exploits6
exploitpack
exploitpack
added 2014/09/02 12:0 a.m.35 views

Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python)

Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting Python Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and...

4.3CVSS6.1AI score0.03582EPSS
Exploits6
Rows per page
Query Builder