25 matches found
EUVD-2009-0766
Malware in sbrugna...
CVE-2009-0764
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0763
Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...
CVE-2009-0764
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0767
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data...
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
Directory traversal
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Directory traversal
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0767
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data...
CVE-2009-0763
CVE-2009-0763 is an XSS vulnerability in the Kipper 2.01 release (default.php) that permits remote injection of arbitrary script/HTML via the charm parameter. Affected software: Kipper 2.01 . Root cause: unsanitized input in default.php leading to HTML/script injection. Impact: potential user bro...
CVE-2009-0766
CVE-2009-0766 affects Kipper 2.01 where a directory-traversal flaw in default.php allows remote attackers to include and execute arbitrary local files via the configfile parameter. Root cause: improper handling of directory paths enabling local file inclusion. Impact: partial confidentiality/inte...
CVE-2009-0764
Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
CVE-2009-0767
CVE-2009-0767 affects Kipper 2.01, where sensitive information is stored under the web root with insufficient access control. This allows remote attackers to download a file containing credentials via a direct request for job/config.data. Impact is exposure of credentials (partial confidentiality...
CVE-2009-0765
CVE-2009-0765 affects Kipper 2.01, where index.php is vulnerable to directory traversal: remote attackers can include and execute arbitrary local files via .. in the configfile parameter. The issue enables partial confidentiality, integrity, and availability impact (CVSSv2 base score 7.5; AV:N/AC...
CVE-2009-0763
Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...