EUVD-2007-5093

Malware in sbrugna...

EUVD-2007-5094

Malware in sbrugna...

Google Urchin 5.7.3 Report.CGI Authorization Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26037/info Google Urchin is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to gain administrative access to the vulnerable application. This may lead to other attacks. Urchin 5.7.03 is...

Google Urchin 5.7.03 LFI Vulnerability 0day

No description provided by source. Summary: Google Urchin is vulnerable to a Local File Include LFI vulnerability that allows arbitrary reading of files. Confirmed in version 5.7.03 running on Linux. Issue may exist in other versions as well. Analysis: During normal usage, Google Urchin creates...

Google Urchin 5.7.03 LFI Vulnerability 0day

Exploit for cgi platform in category web applications Summary: Google Urchin is vulnerable to a Local File Include LFI vulnerability that allows arbitrary reading of files. Confirmed in version 5.7.03 running on Linux. Issue may exist in other versions as well. Analysis: During normal usage, Goog...

Google Urchin 5.7.03 Local File Inclusion

Summary: Google Urchin is vulnerable to a Local File Include LFI vulnerability that allows arbitrary reading of files. Confirmed in version 5.7.03 running on Linux. Issue may exist in other versions as well. Windows builds seemingly affected too. Analysis: During normal usage, Google Urchin creat...

Google Urchin 5.7.03 - Local File Inclusion

Google Urchin 5.7.03 - Local File Inclusion Summary: Google Urchin is vulnerable to a Local File Include LFI vulnerability that allows arbitrary reading of files. Confirmed in version 5.7.03 running on Linux. Issue may exist in other versions as well. Analysis: During normal usage, Google Urchin...

Google Urchin 5.7.03 - Local File Inclusion

Summary: Google Urchin is vulnerable to a Local File Include LFI vulnerability that allows arbitrary reading of files. Confirmed in version 5.7.03 running on Linux. Issue may exist in other versions as well. Analysis: During normal usage, Google Urchin creates files on disk that are then embedded...

Google Urchin <= 5.7.03 report.cgi Administrative Bypass

Binary data 4242.prm...

Google Urchin 5.7.3 - Report.cgi Authentication Bypass

Google Urchin 5.7.3 - Report.cgi Authentication Bypass source: https://www.securityfocus.com/bid/26037/info Google Urchin is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to gain administrative access to the vulnerable application. This may lead to other...

Cross site scripting

Cross-site scripting XSS vulnerability in session.cgi aka the login page in Google Urchin 5 5.7.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, a different vulnerability than CVE-2007-4713. NOTE: this can be leveraged to capture login credential...

CVE-2007-5113

report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information web server logs via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-511...

Authentication flaw

report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information web server logs via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-511...

CVE-2007-5112

Cross-site scripting XSS vulnerability in session.cgi aka the login page in Google Urchin 5 5.7.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, a different vulnerability than CVE-2007-4713. NOTE: this can be leveraged to capture login credential...

CVE-2007-5113

CVE-2007-5113 affects Google Urchin 5 (&lt;= 5.7.03) where report.cgi allows remote attackers to bypass authentication and access sensitive information (web server logs) by modifying query parameters such as profile, rid, prefs, n, vid, bd, ed, dt, and gtype. The vulnerability is related to an au...

CVE-2007-5113

report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information web server logs via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-511...

CVE-2007-5112

CVE-2007-5112 is an XSS vulnerability in Google Urchin 5 (versions up to 5.7.03 and earlier) affecting the session.cgi (login page). The weakness allows remote attackers to inject arbitrary script/HTML via the query string, as described in the NVD entry. The impact noted includes potential creden...

Google Urchin password theft madness

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There is a trivially exploitable XSS vul on Google Urchin Web Analytics 5's login page. The vulnerability has been tested on versions 5.6.00r2, v5.7.01, 5.7.02 and 5.7.03 latest. Previous versions are most likely to be affected as well. I know that...