30 matches found
EUVD-2009-0764
Malware in sbrugna...
EUVD-2009-0765
Malware in sbrugna...
EUVD-2009-0766
Malware in sbrugna...
EUVD-2009-0763
Malware in sbrugna...
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-0764
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-0763
Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...
CVE-2009-0764
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0767
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data...
Directory traversal
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Directory traversal
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0767
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data...
CVE-2009-0765
CVE-2009-0765 affects Kipper 2.01, where index.php is vulnerable to directory traversal: remote attackers can include and execute arbitrary local files via .. in the configfile parameter. The issue enables partial confidentiality, integrity, and availability impact (CVSSv2 base score 7.5; AV:N/AC...
CVE-2009-0766
CVE-2009-0766 affects Kipper 2.01 where a directory-traversal flaw in default.php allows remote attackers to include and execute arbitrary local files via the configfile parameter. Root cause: improper handling of directory paths enabling local file inclusion. Impact: partial confidentiality/inte...
CVE-2009-0763
CVE-2009-0763 is an XSS vulnerability in the Kipper 2.01 release (default.php) that permits remote injection of arbitrary script/HTML via the charm parameter. Affected software: Kipper 2.01 . Root cause: unsanitized input in default.php leading to HTML/script injection. Impact: potential user bro...
CVE-2009-0764
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...