EUVD-2012-5534

Malware in sbrugna...

Facebook Marketplace Is Being Ruined by Zelle Scammers

I tried to sell a futon on Facebook Marketplace and nearly all I got were scammers...

futon-maruarai.jp Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1171481 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Apache CouchDB CSRF Vulnerability

Apache CoucDB is open source database software , it has an easy to use and scalable architecture . It has a document-oriented NoSQL database architecture , and concurrency-oriented language Erlang implementation ; it uses JSON to store data , JavaScript using MapReduce as a query language , using...

CVE-2012-5650

Cross-site scripting XSS vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite...

CVE-2012-5650

Cross-site scripting XSS vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite...

FreeBSD : couchdb -- DOM based XSS via Futon UI (4fb45a1c-c5d0-11e2-8400-001b216147b0)

Jan Lehnardt reports : Query parameters passed into the browser-based test suite are not sanitised, and can be used to load external resources. An attacker may execute JavaScript code in the browser, using the context of the remote user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Apache CouchDB < 1.0.4 / 1.1.2 / 1.2.1 Multiple Vulnerabilities

Binary data 800632.prm...

Apache CouchDB < 1.0.4 / 1.1.2 / 1.2.1 Multiple Vulnerabilities

According to its banner, the version of CouchDB running on the remote host is earlier than 1.0.4, 1.1.x earlier than 1.1.2 or 1.2.x earlier than 1.2.1. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists in the included MochiWeb HTTP library tha...

CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI

CVE-2012-5650 DOM based Cross-Site Scripting via Futon UI Affected Versions: Apache CouchDB releases up to and including 1.0.3, 1.1.1, and 1.2.0 are vulnerable. Description: Query parameters passed into the browser-based test suite are not sanitised, and can be used to load external resources. An...

couchdb -- DOM based Cross-Site Scripting via Futon UI

Jan Lehnardt reports: Query parameters passed into the browser-based test suite are not sanitised, and can be used to load external resources. An attacker may execute JavaScript code in the browser, using the context of the remote user...

Apache CouchDB < 1.0.2 Futon Admin Interface XSS

According to its banner, the version of CouchDB running on the remote host is affected by a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied input before it is used in the Futon admin interface. A remote attacker could exploit this to execute arbitrary...

CVE-2010-3854

Multiple cross-site scripting XSS vulnerabilities in the web administration interface aka Futon in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-3854

CVE-2010-3854 affects Apache CouchDB Futon (web admin) from versions 0.8.0 through 1.0.1, where multiple XSS vulnerabilities permit remote script/HTML injection via unspecified vectors. Core issue: improper input handling in Futon. Impact is remote script execution in the admin interface context....

Apache CouchDB Cross Site Request Forgery Vulnerability

Apache CouchDB is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to gain unauthorized access to the affected application and perform certain actions in the context of the 'Futon' administration interface; other attacks are also possible...

Apache CouchDB < 0.11.1 CSRF Vulnerability

Apache CouchDB is prone to a cross-site request-forgery CSRF vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CouchDB < 0.11.2 Futon Admin Interface Cross-Site Request Forgery

Binary data 5642.prm...