36 matches found
dotDefender Firewall Cross-Site Request Forgery Vulnerability
dotDefender is a suite of real-time network monitoring tools that provide comprehensive monitoring of networks, protection against malicious attacks by hackers, and more. A cross-site request forgery vulnerability exists in dotDefender that allows remote attackers to construct malicious URIs, tri...
dotDefender Cross-Site Request Forgery Vulnerability
dotDefender is a suite of real-time network monitoring tools that provide comprehensive monitoring of networks, protection against malicious attacks by hackers, and more. A cross-site request forgery vulnerability exists in dotDefender that allows remote attackers to construct malicious URIs, tri...
dotDefender Firewall 5.00.12865 / 5.13-13282 Cross Site Scripting
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DOT-DEFENDER-VULN-FLASH.txt Vendor: www.applicure.com Product: dotDefender Firewall Versions: 5.00.12865 / 5.13-13282 dotDefender is a Web...
dotDefender Firewall 5.00.12865 / 5.13-13282 Cross Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DOT-DEFENDER-CSRF.txt Vendor: www.applicure.com Product: dotDefender Firewall Versions: 5.00.12865 / 5.13-13282 dotDefender is a Web application...
dotDefender Firewall 5.00.12865/5.13-13282 - Cross-Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DOT-DEFENDER-CSRF.txt Vendor: www.applicure.com Product: dotDefender Firewall Versions: 5.00.12865 / 5.13-13282 dotDefender is a Web application...
dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-Site Request Forgery
Exploit for php platform in category web applications + Credits: hyp3rlinx Vendor: www.applicure.com Product: dotDefender Firewall Versions: 5.00.12865 / 5.13-13282 dotDefender is a Web application firewall (WAF) for preventing hacking attacks like XSS, SQL...
dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-Site Request Forgery
dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DOT-DEFENDER-CSRF.txt Vendor: www.applicure.com Product: dotDefender Firewa...
DotDefender <= 3.8-5 No Authentication Remote Code Execution Through XSS
No description provided by source. / DotDefender <= 3.8-5 No Authentication Remote Code Execution Through XSS Tested on DotDefender 3.8-5 On Ubuntu Server 9.10 64-bit with Firefox 3.6.3 Paul Hand aka rAWjAW AT offsec.com Original Post-Authentication Remote Command Execution Vulnerability:...
Applicure DotDefender Persistent XSS
No description provided by source. An advisory by EnableSecurity. ID: ES-20100601 Advisory URL: http://resources.enablesecurity.com/advisories/ES-20100601-dotdefender4.txt Affected Versions: version 4.0 Fixed versions: 4.01-3 and later Description: Applicure dotDefender is a Web Application...
[dotDefender] Web Application Security
dotDefender is the market-leading software Web Application Firewall (WAF). dotDefender boasts enterprise-class security, advanced integration capabilities, easy maintenance and low total cost of ownership (TCO). dotDefender is the perfect choice for protecting your web site and web applications today...
Applicure dotDefender format string vulnerability
Format specifiers are not escaped on error message generation...
SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability
SEC Consult Vulnerability Lab Security Advisory 20121115-0 title: Applicure dotDefender WAF format string vulnerability product: dotDefender for Linux/Apache vulnerable version: = 4.26 fixed version: 5.00 CVE number: -...
http-waf-detect NSE Script
Attempts to determine whether a web server is protected by an IPS (Intrusion Prevention System), IDS (Intrusion Detection System) or WAF (Web Application Firewall) by probing the web server with malicious payloads and detecting changes in the response code and body. To do this the script will send a...
dotDefender protection bypass
It's possible to bypass XSS protection...
XSS holes dotDefender
dotDefender is prone to an XSS because it doesn't sanitize the input vars correctly. Injecting obfuscated JavaScript code based on references vars assignment, the dotDefender WAF is vulnerable. Class: Input Validation Error Remote: Yes Credit: David K. SH4V Vulnerable: till 4.02 Exploit: img...
dotDefender 4.02 - Authentication Bypass
dotDefender is prone to an XSS because it doesn't sanitize the input vars correctly. Injecting obfuscated JavaScript code based on references vars assignment, the dotDefender WAF is vulnerable. Class: Input Validation Error Remote: Yes Credit: David K. SH4V Vulnerable: till 4.02 Exploit: //POST...
dotDefender 4.02 - Authentication Bypass
dotDefender 4.02 - Authentication Bypass dotDefender is prone to an XSS because it doesn't sanitize the input vars correctly. Injecting obfuscated JavaScript code based on references vars assignment, the dotDefender WAF is vulnerable. Class: Input Validation Error Remote: Yes Credit: David K. SH4...
dotDefender 4.02 Authentication Bypass Vulnerability
Exploit for windows platform in category remote exploits dotDefender 4.02 Authentication Bypass Vulnerability dotDefender is prone to an XSS because it doesn't sanitize the input vars correctl...
dotDefender 4.02 - 'clave' Cross-Site Scripting
source: https://www.securityfocus.com/bid/41541/info dotDefender is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...
dotDefender 4.02 - clave Cross-Site Scripting
dotDefender 4.02 - clave Cross-Site Scripting source: https://www.securityfocus.com/bid/41541/info dotDefender is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...