Lucene search
K

81 matches found

Exploit DB
Exploit DB
added 2010/03/23 12:0 a.m.30 views

SpringSource (Multiple Products) - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/38913/info Multiple SpringSource Products are prone to multiple HTML-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/03/23 12:0 a.m.18 views

SpringSource (Multiple Products) - Multiple HTML Injection Vulnerabilities

SpringSource Multiple Products - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/38913/info Multiple SpringSource Products are prone to multiple HTML-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data. Attacker-supplied HTML o...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2010/03/23 12:0 a.m.33 views

SpringSource Hyperic HQ Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-2907: SpringSource Hyperic HQ multiple XSS vulnerabilities Severity: Moderate Vendor: SpringSource Versions Affected: SpringSource Hyperic HQ 4.2 pre-release versions SpringSource Hyperic HQ 4.1.0 to 4.1.2 SpringSource Hyperic HQ 4.0.0 to 4.0...

4.3CVSS6.7AI score0.01199EPSS
Exploits2
NVD
NVD
added 2009/10/13 10:30 a.m.13 views

CVE-2009-2897

Multiple cross-site scripting XSS vulnerabilities in hq/web/common/GenericError.jsp in the generic exception handler in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc...

4.3CVSS5.7AI score0.02443EPSS
Exploits7References12
NVD
NVD
added 2009/10/13 10:30 a.m.18 views

CVE-2009-2898

Cross-site scripting XSS vulnerability in the Alerts list feature in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc Server 6.0.20.B allows remote authenticated users t...

3.5CVSS5.2AI score0.0183EPSS
Exploits7References9
Prion
Prion
added 2009/10/13 10:30 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Alerts list feature in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc Server 6.0.20.B allows remote authenticated users t...

3.5CVSS5.7AI score0.0183EPSS
Exploits7References9Affected Software3
CVE
CVE
added 2009/10/13 10:0 a.m.53 views

CVE-2009-2898

Hyperic HQ contains cross-site scripting (XSS) vulnerabilities (CVE-2009-2898) in the web interface. A remote authenticated user can inject arbitrary script via the Description field in the Alerts list, leading to stored XSS, and there are also reflected XSS paths via the GenericError.jsp handlin...

3.5CVSS5.1AI score0.0183EPSS
Exploits7References9Affected Software3
Cvelist
Cvelist
added 2009/10/13 10:0 a.m.19 views

CVE-2009-2897

Multiple cross-site scripting XSS vulnerabilities in hq/web/common/GenericError.jsp in the generic exception handler in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc...

5.7AI score0.02443EPSS
Exploits7References12
Cvelist
Cvelist
added 2009/10/13 10:0 a.m.41 views

CVE-2009-2898

Cross-site scripting XSS vulnerability in the Alerts list feature in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc Server 6.0.20.B allows remote authenticated users t...

5.2AI score0.0183EPSS
Exploits7References9
CVE
CVE
added 2009/10/13 10:0 a.m.64 views

CVE-2009-2897

Hyperic HQ pre-3.2.6.1, 4.0.x pre-4.0.3.1, 4.1.x pre-4.1.2.1 and 4.2-beta1 are affected by XSS in the web UI due to improper handling of numeric parameters in multiple .do endpoints, notably mastheadAttach.do (typeId), Resource.do (eid), and UserAdmin.do (u). The flaw originates from an uncaught ...

4.3CVSS5.6AI score0.02443EPSS
Exploits7References12Affected Software3
seebug.org
seebug.org
added 2009/10/13 12:0 a.m.29 views

Hyperic HQ跨站脚本和脚本注入漏洞

CVECAN ID: CVE-2009-2897,CVE-2009-2898 Hyperic HQ是一个开源的IT资源管理平台。 Hyperic HQ没有正确地验证提交给mastheadAttach.do的typeId参数、Resource.do的eid参数以及admin/user /UserAdmin.do的u参数便返回给了用户,这可能导致反射式跨站脚本攻击;此外由于没有正确地过滤传送给Description参数的输入便在警告列表中返回给了用户,这可能导致存储式跨站脚本攻击。 SpringSource Hyperic HQ 4.2-beta1 SpringSource Hyperic ...

4.3CVSS6.4AI score0.02443EPSS
Exploits8
securityvulns
securityvulns
added 2009/10/06 12:0 a.m.55 views

CVE-2009-2898: Hyperic HQ - Stored XSS in alerts list

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2009-2898: Stored XSS in alerts list Severity: Moderate Vendor: SpringSource Versions Affected: Hyperic HQ 3.2, 4.0, 4.1, 4.2-beta1. Earlier, unsupported versions may also be affected Description: An authenticated Hyperic user can create an aler...

4.3CVSS5.3AI score0.02443EPSS
Exploits8
securityvulns
securityvulns
added 2009/10/06 12:0 a.m.61 views

CVE-2009-2897: Hyperic HQ - Reflected XSS in stack trace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2009-2897: Reflected XSS in stack trace Severity: Moderate Vendor: SpringSource Versions Affected: Hyperic HQ 3.2, 4.0, 4.1, 4.2-beta1. Earlier, unsupported versions may also be affected Description: The stack trace displayed on the default erro...

4.3CVSS6AI score0.02443EPSS
Exploits8
securityvulns
securityvulns
added 2009/10/06 12:0 a.m.59 views

CORE-2009-0812-Hyperic HQ Multiple XSS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

4.3CVSS5.7AI score0.02443EPSS
Exploits8
Packet Storm
Packet Storm
added 2009/10/05 12:0 a.m.58 views

Core Security Technologies Advisory 2009.0812

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

4.3CVSS0.8AI score0.02443EPSS
Exploits8
exploitpack
exploitpack
added 2009/10/02 12:0 a.m.12 views

Hyperic HQ 3.2 4.2-beta1 - Multiple Cross-Site Scripting Vulnerabilities

Hyperic HQ 3.2 4.2-beta1 - Multiple Cross-Site Scripting Vulnerabilities...

0.8AI score
Exploits0
0day.today
0day.today
added 2009/10/02 12:0 a.m.47 views

Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS

Exploit for jsp platform in category web applications ======================================= Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS ======================================= Hyperic HQ 1 is an open source monitoring software designed to manage web applications and infrastructure. It auto-discover...

7.1AI score0.02443EPSS
Exploits8
seebug.org
seebug.org
added 2009/10/02 12:0 a.m.42 views

Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

4.3CVSS6.5AI score0.02443EPSS
Exploits8
Core Security
Core Security
added 2009/10/02 12:0 a.m.38 views

Hyperic HQ Multiple XSS

Advisory ID Internal CORE-2009-0812 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Date published: 2009-10-02 Date of last update: 2009-11-23 Vendors contacted: SpringSource Release mode: Coordinated release 2. Vulnerability Information Class: Cross site...

4.3CVSS6.2AI score0.02443EPSS
Exploits8
Exploit DB
Exploit DB
added 2009/10/02 12:0 a.m.56 views

Hyperic HQ 3.2 < 4.2-beta1 - Multiple Cross-Site Scripting Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

4.3CVSS6.4AI score0.02443EPSS
Exploits8
Rows per page
Query Builder