Debian DSA-1883-1 : nagios2 - missing input sanitising

Several vulnerabilities have been found in nagios2, a host/service/network monitoring and management system. The Common Vulnerabilities and Exposures project identifies the following problems : Several cross-site scripting issues via several parameters were discovered in the CGI scripts, allowing...

PacketFence Network Access Controller - Cross-Site Scripting

PacketFence Network Access Controller - Cross-Site Scripting Title : Injection Flaw in PacketFence Network Access Controller Date : 20-12-2009 Author : K053 Tested on : Private Networks Download : http://www.packetfence.org/download/releases.html Note : ------ PacketFence is a fully supported, Fr...

PacketFence Network Access Controller XSS vulnerability

Exploit for unknown platform in category web applications ======================================================= PacketFence Network Access Controller XSS vulnerability ======================================================= Title : Injection Flaw in PacketFence Network Access Controller Date :...

Micronet SP1910 Cross Site Scripting

Exploit: XSS & Html code injection in Micronet SP1910 data access controller UI Date: 27-11-2009 Author: K053 Vendor: http://www.micronet.info/modeldetail.aspx?seriesno=6&sno=472 Tested on : Private Networks ------------------------------------------------------------------------------------ Note...

PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module

Exploit for unknown platform in category web applications ======================================================== PHP-Nuke alert/XSS/.source 2. Html code injection : -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 0day.today 2018-03-19...

PHP-Nuke &lt;= 8.0 XSS &amp; HTML Code Injection in News Module

No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...

Micronet SP1910 Data Access Controller UI XSS &amp; HTML Code Injection

No description provided by source. Exploit: XSS & Html code injection in Micronet SP1910 data access controller UI Date: 27-11-2009 Author: K053 Vendor: http://www.micronet.info/modeldetail.aspx?seriesno=6&sno=472 Tested on : Private Networks...

PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection

PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and che...

Micronet SP1910 Data Access Controller UI - Cross-Site Scripting HTML Code Injection

Micronet SP1910 Data Access Controller UI - Cross-Site Scripting HTML Code Injection Exploit: XSS & Html code injection in Micronet SP1910 data access controller UI Date: 27-11-2009 Author: K053 Vendor: http://www.micronet.info/modeldetail.aspx?seriesno=6&sno=472 Tested on : Private Networks...

Micronet SP1910 Data Access Controller UI XSS & HTML Code Injection

Exploit for unknown platform in category web applications =================================================================== Micronet SP1910 Data Access Controller UI XSS & HTML Code Injection =================================================================== Exploit: XSS & Html code injection ...

Micronet SP1910 Data Access Controller UI - Cross-Site Scripting / HTML Code Injection

Exploit: XSS & Html code injection in Micronet SP1910 data access controller UI Date: 27-11-2009 Author: K053 Vendor: http://www.micronet.info/modeldetail.aspx?seriesno=6&sno=472 Tested on : Private Networks ------------------------------------------------------------------------------------ Note...

PHP-Nuke 8.0 - News Module Cross-Site Scripting / HTML Code Injection

Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...

JibberBook GuestBook 2.3 Multiple Vulnerabilities

» Script: JibberBook » Language: PHP » Website: http://jibberbook.com » Founder: Onur YILMAZ aka DJR » Site: www.onuryilmaz.info === data source of comments disclosure .xml file === » JibberBook/datalayer/xml/comments.xml === output === message mID="m54a7c965f0318a7.23679427" name/name website /...

Sun Java Web Console Multiple XSS Vulnerabilities

The host is running Java Web Console and is prone to Multiple Cross-Site Scripting Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavawebconsolexssvuln.nasl 4892 2016-12-30 15:39:07Z teissa $ Sun Java Web Console Multiple XSS Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009...

Sun Java Web Console 3.0.2 - 3.0.5 Multiple XSS Vulnerabilities

Java Web Console is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ESET Remote Administrator XSS Vulnerability

This host is running ESET Remote Administrator and is prone to remote Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodesetremoteadministratorxssvuln.nasl 6517 2017-07-04 13:34:20Z cfischer $ ESET Remote Administrator XSS Vulnerability Authors: Nikita MR Copyright:...

IBM Tivoli Netcool Service Quality Manager跨站脚本及HTML代码注入漏洞

BUGTRAQ ID: 32233 IBM Tivoli Netcool Service Quality Manager是IBM Tivoli服务质量管理解决方案的核心软件。 Tivoli Netcool Service Quality Manager的Web接口中存在多个跨站脚本漏洞，已认证的用户可以使用报表生成功能创建名称中嵌入了恶意代码的报表，当在主面板中打开报表历史时就会在用户浏览器会话中执行注入的代码。 至少有以下三个页面存在漏洞： http://server/document root/ReportTree http://server/document root/Launch...

Detailed WINRAR self-extracting cross-site attack vulnerabilities-vulnerability warning-the black bar safety net

Listen to many people say WINRAR self-extracting format of the file in the installation interface can be cross-site, the author personally tested, this not alone that is across Station, originally thought it was a new out of the vulnerability of it, the original is WINRAR itself defects, in which...

WEBAlbum &lt;= 2.0 Remote Stored Cross Site Scripting Vulnerability

================================================================ WEBAlbum = 2.0 Remote Stored Cross Site Scripting Vulnerability ================================================================ AUTHOR : CWH Underground DATE : 5 June 2008 SITE : www.citec.us APPLICATION : WEBAlbum VERSION : = 2.0...

webalbum-xss.txt

================================================================ WEBAlbum XSS Vulnerabilities POST Variable: id POST Variable: category Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, Win7dos, JabAv0C...