6556 matches found
CVE-2008-1503
CVE-2008-1503 affects F5 BIG-IP 9.4.3 web management interface. The vulnerability is a Cross-site Scripting (XSS) flaw exploitable via user-supplied input in the node object name, or the sysContact/sysLocation SNMP configuration fields (Audit Log XSS). The notes suggest CSRF as a possible related...
CVE-2008-1202
Cross-site scripting XSS vulnerability in the web management interface in Adobe LiveCycle Workflow 6.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection
F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection source: https://www.securityfocus.com/bid/28151/info F5 BIG-IP Web Management Interface is prone to a HTML-injection vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may...
F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection
source: https://www.securityfocus.com/bid/28151/info F5 BIG-IP Web Management Interface is prone to a HTML-injection vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
AirSpan WiMAX ProST web management interface authentication bypass vulnerability
Overview The AirSpan WiMAX ProST contains an authentication bypass vulnerability that could allow an unauthenticated, remote attacker to make arbitrary configuration changes. Description The AirSpan WiMAX ProST is customer premise equipment that provides WiMAX wireless networking. The web...
Cross site scripting
Cross-site scripting XSS vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into a...
CVE-2008-1037
Cross-site scripting XSS vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into a...
CVE-2008-1037
Cross-site scripting XSS vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into a...
packeteer-xss.txt
Packeteer Products File Listing XSS Product: Packeteer PacketShaper http://www.packeteer.com/products/packetshaper/ Packeteer PolicyCenter http://www.packeteer.com/products/packetshaper/policycenter.cfm The web management interface of several Packeteer products contains a cross-site scripting...
F5 BIG-IP Web Management Interface Detection
An F5 BIG-IP web management interface is running on this port. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid30215; scriptversion"1.16"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/05/24"; scriptnameenglish:"F5 BIG-IP Web Management Interface...
f5big-xsrf.txt
F5 BIG-IP Web Management Console CSRF Product: F5 BIG-IP http://www.f5.com/products/big-ip/ By design the F5 BIG-IP web management interface allows a logged-in user with Resource Manager or Administrator privileges to execute an arbitrary bigpipe shell command through the web "Console" feature. I...
CVE-2008-0524
Cross-site request forgery CSRF vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors...
f5asm-xss.txt
F5 BIG-IP Web Management ASM Security Report XSS Product: F5 BIG-IP Application Security Manager http://www.f5.com/products/big-ip/product-modules/application-security-manager.html The F5 BIG-IP ASM web management interface contains a cross-site scripting vulnerability in the Security Report...
F5 BIG-IP Application Security Manager 9.4.3 - report_type Cross-Site Scripting
F5 BIG-IP Application Security Manager 9.4.3 - reporttype Cross-Site Scripting source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied...
F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
CVE-2008-0265
Multiple cross-site scripting XSS vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to 1 listsystem.jsp, 2 listpktfilter.jsp, 3 listltm.jsp, 4 resourcesaudit.jsp, a...
CVE-2008-0265
Multiple cross-site scripting XSS vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to 1 listsystem.jsp, 2 listpktfilter.jsp, 3 listltm.jsp, 4 resourcesaudit.jsp, a...
f5-xss.txt
F5 BIG-IP Web Management List Search XSS Product: F5 BIG-IP http://www.f5.com/products/big-ip/ The F5 BIG-IP web management interface contains a cross-site scripting vulnerability in the Search function present on several list-like pages. Parameter SearchString is not sanitized before it gets...
CVE-2008-0150
Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access...