9 matches found
CVE-2017-5998
Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...
Cross site scripting
Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...
CVE-2017-5998
Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...
CVE-2017-5998
Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...
CVE-2017-5998
CVE-2017-5998 concerns InterSect Alliance SNARE Epilog for UNIX v1.5. The issue is a cross-site scripting (XSS) vulnerability in the Web Admin Portal’s Log Configuration add action, exploitable when an authenticated user supplies a crafted value to the str_log_name parameter. The root cause is im...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5....
KLA10331 SB vulnerability in Snare
A CSRF vulnerability was found in Snare. By exploiting this vulnerability malicious users can hijack administrator auth. This vulnerability can be exploited remotely. Original advisories - Related products Snare-for-Windows Epilog-for-Windows CVE list CVE-2010-2594 high Solution Update to latest...
CVE-2010-2594
The CVE-2010-2594 issue affects InterSect Alliance Snare Agent and Epilog products across Solaris, Windows, Linux/AIX, IRIX and UNIX variants. Description and connected records confirm multiple CSRF vulnerabilities in the web management interface that allow remote attackers to hijack administrato...
CVE-2010-2594
Multiple cross-site request forgery CSRF vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5....