15 matches found
contentcity-fotoweb-poc
FotoWeb PAP Photo Matcher Proof-of-concept automatycznego dop...
EUVD-2009-0577
Malware in sbrugna...
CVE-2009-0573
Multiple cross-site scripting XSS vulnerabilities in FotoWeb 6.0 Build 273 allow remote attackers to inject arbitrary web script or HTML via the 1 s parameter to cmdrequest/Login.fwx and the 2 search parameter to Grid.fwx...
Fotoware Fotoweb Cross-site Scripting Vulnerability
Fotoware Fotoweb is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Fotoware Fotoweb Remote Version Detection
Detects the installed version of Fotoware Fotoweb. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Fotoware Fotoweb 'to' Parameter Cross-Site Scripting Vulnerability
Fotoware Fotoweb is an enterprise-level digital asset management system DMS from Fotoware Norway. A cross-site scripting vulnerability exists in Fotoware Fotoweb, which can be exploited by an attacker to execute arbitrary script code, steal cookie-based authentication and launch other attacks...
Fotoware Fotoweb 8.0 Cross Site Scripting
S21Sec Advisory - - S21SEC-047-en.txt - Title: Fotoware Fotoweb 8.0 Cross Site Scripting XSS ID: S21sec-047-en Severity: Low History: May.2016 Vulnerability discovered June.2016 Vendor contacted July.2016 Vendor patch acknowledge. Scope: Cross Site Scripting XSS Platforms: Any Author: Miguel A...
FotoWeb 6.0 Grid.fwx search Parameter XSS
No description provided by source...
FotoWeb 6.0 Login.fwx s Parameter XSS
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-86055' vul ID version = '1' author = 'hhxx' vulDate =...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in FotoWeb 6.0 Build 273 allow remote attackers to inject arbitrary web script or HTML via the 1 s parameter to cmdrequest/Login.fwx and the 2 search parameter to Grid.fwx...
CVE-2009-0573
CVE-2009-0573 concerns FotoWeb 6.0 (Build 273). The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via the 1) s parameter to cmdrequest/Login.fwx and 2) the search parameter to Grid.fwx. The connected sour...
FotoWeb 6.0 - 'Grid.fwx?search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...
FotoWeb 6.0 - Login.fwx?s Cross-Site Scripting
FotoWeb 6.0 - Login.fwx?s Cross-Site Scripting source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context ...
FotoWeb 6.0 - Grid.fwx?search Cross-Site Scripting
FotoWeb 6.0 - Grid.fwx?search Cross-Site Scripting source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the...
FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...