45 matches found
CVE-2009-4497
Cross-site scripting XSS vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program...
EUVD-2010-1476
Malware in sbrugna...
EUVD-2018-1362
Malware in sbrugna...
EUVD-2009-4463
Malware in sbrugna...
EUVD-2010-1648
Malware in sbrugna...
CVE-2010-1625
Cross-site scripting XSS vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448...
CVE-2018-0545
LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors...
CVE-2018-0545
CVE-2018-0545 concerns LXR, version 1.0.0 through 2.3.0. The connected sources confirm a remote OS command injection vulnerability (CWE-78) that could allow an attacker to execute arbitrary commands on a server running the affected LXR releases. The vulnerability arises in LXR’s handling of input...
CVE-2018-0545
LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors...
LXR vulnerable to OS command injection
Overview LXR provided by LXR Project contains an OS command injection vulnerability CWE-78. Touma Hatano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact On a server where the product is running, a remote...
JVN#72589538: LXR vulnerable to OS command injection
LXR provided by LXR Project contains an OS command injection vulnerability CWE-78. Impact On a server where the product is running, a remote attacker may execute an arbitrary OS command. Solution Update the Software Update to the latest version according to the information provided by the...
LXR 0.9.x Cross Referencer Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37612/info LXR Cross Referencer is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script cod...
Debian DSA-2092-1 : lxr-cvs - missing input sanitizing
Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Debian Security Advisory DSA 2092-1 (lxr-cvs)
The remote host is missing an update to lxr-cvs announced via advisory DSA 2092-1. OpenVAS Vulnerability Test $Id: deb20921.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2092-1 lxr-cvs Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2092-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Aug 17th, 2010 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2092-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-2092-1 [email protected] http://www.debian.org/security/ Sébastien Delafond Aug 17th, 2010 http://www.debian.org/security/faq -...
DSA-2092-1 lxr-cvs - cross-site scripting
Bulletin has no description...
CVE-2010-1448
Cross-site scripting XSS vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625...
CVE-2010-1625
Cross-site scripting XSS vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448...