15 matches found
contentcity-fotoweb-poc
FotoWeb PAP Photo Matcher Proof-of-concept automatycznego dop...
EUVD-2009-0577
Malware in sbrugna...
CVE-2009-0573
Multiple cross-site scripting XSS vulnerabilities in FotoWeb 6.0 Build 273 allow remote attackers to inject arbitrary web script or HTML via the 1 s parameter to cmdrequest/Login.fwx and the 2 search parameter to Grid.fwx...
Fotoware Fotoweb Remote Version Detection
Detects the installed version of Fotoware Fotoweb. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Fotoware Fotoweb Cross-site Scripting Vulnerability
Fotoware Fotoweb is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Fotoware Fotoweb 'to' Parameter Cross-Site Scripting Vulnerability
Fotoware Fotoweb is an enterprise-level digital asset management system DMS from Fotoware Norway. A cross-site scripting vulnerability exists in Fotoware Fotoweb, which can be exploited by an attacker to execute arbitrary script code, steal cookie-based authentication and launch other attacks...
Fotoware Fotoweb 8.0 Cross Site Scripting
S21Sec Advisory - - S21SEC-047-en.txt - Title: Fotoware Fotoweb 8.0 Cross Site Scripting XSS ID: S21sec-047-en Severity: Low History: May.2016 Vulnerability discovered June.2016 Vendor contacted July.2016 Vendor patch acknowledge. Scope: Cross Site Scripting XSS Platforms: Any Author: Miguel A...
FotoWeb 6.0 Login.fwx s Parameter XSS
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-86055' vul ID version = '1' author = 'hhxx' vulDate =...
FotoWeb 6.0 Grid.fwx search Parameter XSS
No description provided by source...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in FotoWeb 6.0 Build 273 allow remote attackers to inject arbitrary web script or HTML via the 1 s parameter to cmdrequest/Login.fwx and the 2 search parameter to Grid.fwx...
CVE-2009-0573
CVE-2009-0573 concerns FotoWeb 6.0 (Build 273). The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via the 1) s parameter to cmdrequest/Login.fwx and 2) the search parameter to Grid.fwx. The connected sour...
FotoWeb 6.0 - Grid.fwx?search Cross-Site Scripting
FotoWeb 6.0 - Grid.fwx?search Cross-Site Scripting source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the...
FotoWeb 6.0 - Login.fwx?s Cross-Site Scripting
FotoWeb 6.0 - Login.fwx?s Cross-Site Scripting source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context ...
FotoWeb 6.0 - 'Grid.fwx?search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...
FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...