Jenzabar 9.2x-9.2.2 - Cross-Site Scripting

Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search&query. id: CVE-2021-26723 info: name: Jenzabar 9.2x-9.2.2 - Cross-Site Scripting author: pikpikcu severity: medium description: Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting...

EUVD-2020-29301

Malware in sbrugna...

EUVD-2019-2075

Malware in sbrugna...

EUVD-2018-8578

Malware in sbrugna...

EUVD-2019-2076

Malware in sbrugna...

CVE-2021-26723

Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search= XSS...

CVE-2020-8434

Jenzabar JICS aka Internet Campus Solution before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode ...

CVE-2019-10011

ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS aka Internet Campus Solution before 2019-02-06 allows remote attackers to create an arbitrary number of accounts with a password of 1234...

CVE-2019-10012

Jenzabar JICS aka Internet Campus Solution before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager for .NET plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer...

Jenzabar 9.2.2 - 'query' Reflected XSS.

Exploit Title: Jenzabar 9.2.2 - 'query' Reflected XSS. Date: 2021–02–06 Exploit Author: y0ungdst Vendor Homepage: https://jenzabar.com Version: Jenzabar — v9.2.0-v9.2.1-v9.2.2 and maybe other versions Tested on: Windows 10 CVE : CVE-2021–26723 -Description: A Reflected Cross-site scripting XSS...

Duplicate numbering

Jenzabar is a website builder system for building and managing student information platforms from Jenzabar, USA. This number is duplicated with CNNVD-202102-567, the related content has been deleted, please refer to the information of CNNVD-202102-567...

CVE-2021-26723

Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS...

CVE-2021-26723

Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS...

Cross site scripting

Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS...

CVE-2021-26723

Summary: CVE-2021-26723 affects Jenzabar 9.2.x up to 9.2.2 and is a reflected XSS via the /ics?tool=search&query parameter. The public sources describe an input vector that can inject JavaScript into the victim’s browser, with potential impacts including session hijacking, defacement, or theft of...

CVE-2021-26723

Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS...

Jenzabar 9.2.2 Cross Site Scripting

Exploit Title: Jenzabar 9.2.2 - 'query' Reflected XSS. Date: 2021–02–06 Exploit Author: y0ungdst Vendor Homepage: https://jenzabar.com Version: Jenzabar — v9.2.0-v9.2.1-v9.2.2 and maybe other versions Tested on: Windows 10 CVE : CVE-2021–26723 -Description: A Reflected Cross-site scripting XSS...

Jenzabar Cross-Site Scripting Vulnerability

Jenzabar is a website builder from Jenzabar, Inc. that is used to build platforms for managing student information. Jenzabar 9.2.x through 9.2.2 suffers from a cross-site scripting vulnerability that originates from /ics?tool=search&query=...

CVE-2020-8434

Jenzabar JICS aka Internet Campus Solution before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode ...

CVE-2020-8434

Jenzabar JICS aka Internet Campus Solution before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode ...