CVE-2026-5708

Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio RES prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Opsview 4.6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via a 1 crafted check plugin, the 2 description in a host profile, or the 3 pluginargs parameter to a Test service check page...

CVE-2015-4420

Opsview CVE-2015-4420 affects Opsview 4.6.2 and earlier, with multiple XSS flaws exploitable via (1) crafted check plugins, (2) description text in a host profile, or (3) the plugin_args parameter on a Test service check page. The issue enables remote injection of arbitrary script/HTML and is doc...

Opsview <= 4.6.2 - Multiple XSS Vulnerabilities

Exploit for php platform in category web applications Exploit title: Opsview 4.6.2 - Multiple XSS Date: 07-06-2015 Vendor homepage: www.opsview.com Version: 4.6.2 CVE: CVE-2015-4420 Author: Dolev Farhi @dolevf Tested On: Kali Linux + Windows 7 Details: -------- Opsview is a monitoring system base...