8132 matches found
MediaWiki < 1.19.10 / 1.21.4 / 1.22.1 Multiple Vulnerabilities
According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - Escape sequences are not properly sanitized when passed to the 'Sanitizer::checkCss' class, which allows a remote attacker to conduct cross-site scripting attacks...
CVE-2011-2927
A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms...
CVE-2011-2927 Spacewalk: spacewalk and red hat network satellite: cross-site scripting vulnerability via search forms
A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...
PT-2014-2132 · Red Hat · Spacewalk
Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6. Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vectors related to this issue are Search forms...
Oracle Forms and Reports Database Vulnerability
Oracle Forms and Reports Database Vulnerability SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2013-7303
Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editerauteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field...
Oracle Forms and Reports Remote Code Execution
This module uses two vulnerabilities in Oracle Forms and Reports to get remote code execution on the host. The showenv url can be used to disclose information about a server. A second vulnerability that allows arbitrary reading and writing to the host filesystem can then be used to write a shell...
Oracle Forms and Reports 11.1 - Arbitrary Code Execution
Oracle Forms and Reports 11.1 - Arbitrary Code Execution...
Oracle Forms and Reports 11.1 - Arbitrary Code Execution
!/usr/bin/env ruby Exploit Title: Oracle Reports 11.1 About: Automated exploit for CVE-2012-3153/CVE-2012-3152 Google Dork: inurl:/reports/rwservlet/ Date: 01/28/2014 Exploit Author: Mekanismen Credits to: @misssudo for initial disclosure Reference: http://netinfiltration.com/ Vendor Homepage:...
Oracle Forms and Reports 11.1 - Remote Exploit
Exploit for jsp platform in category remote exploits require 'uri' require 'open-uri' require 'openssl' OpenSSL::SSL::VERIFYPEER = OpenSSL::SSL::VERIFYNONE def uploadpayloaddest url =...
Oracle Forms And Reports Database Disclosure
PARSEQUERY http://docs.oracle.com/cd/E1676401/bi.1111/b32121/pbrcla007.htmi640592 Description Use PARSEQUERY to parse an rwservlet query and display the constructed Reports Server command line. Syntax http://yourwebserver/reports/rwservlet/parsequery?server=servername&authid=username/password...
IBM Forms Viewer Installed
Binary data ibmformsviewerinstalled.nbin...
IBM Forms Viewer Stack Buffer Overflow
The version of IBM Forms Viewer on the remote host is affected by a stack-based buffer overflow in the XDL form fontname tag parser. This can allow an attacker to execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72026; scriptversion"1.8";...
PHPJabbers Vacation Packages Listing 2.0 Multiple Vulnerabilities
No description provided by source. Vacation Packages Listing V2.0 - Multiple Vulnerabilities ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
FreeBSD : chromium -- multiple vulnerabilities (5acf4638-7e2c-11e3-9fba-00262d5ed8ee)
Google Chrome Releases reports : 11 security fixes in this release, including : - 249502 High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne. - 326854 High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG. - 324969 High CVE-2013-6642: Address...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 11 security fixes in this release, including: 249502 High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne. 326854 High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG. 324969 High CVE-2013-6642: Address bar...
PT-2014-2542 · Red Hat +1 · Red Hat Cloudforms +1
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms 2.0 Management Engine (CFME) versions 5.1 and earlier; ManageIQ Enterprise Virtualization Manager versions 5.0 and earlier. Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This is...
[CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms
Advisory Information Title: Default markup formatter permits offsite-bound forms Date published : 2013-12-16 Date of last update: 2013-12-16 Vendors contacted : Jenkins CI v 1.523 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Information CVE reference: CVE-2013-5573 CVSS v2...