26 matches found
EUVD-2012-4303
Malware in sbrugna...
EUVD-2012-3945
Malware in sbrugna...
EUVD-2013-5940
Malware in sbrugna...
CVE-2012-4001
The modpagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers...
K000139064: Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360
Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall WAF module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via an...
PageSpeed Modules (mod_pagespeed/ngx_pagespeed) Detection
The script attempts to identify the PageSpeed Modules modpagespeed/ngxpagespeed from the server banner. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2013-6111
Cross-site scripting XSS vulnerability in the modpagespeed module 0.x, 1.0.22.7, 1.1.x, 1.24.1, 1.3.25.1 through 1.3.25.4, 1.4.26.1 through 1.4.26.4, 1.5.27.1 through 1.5.27.3, and 1.6.29.1 through 1.6.29.6 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML...
CVE-2013-6111
Cross-site scripting XSS vulnerability in the modpagespeed module 0.x, 1.0.22.7, 1.1.x, 1.24.1, 1.3.25.1 through 1.3.25.4, 1.4.26.1 through 1.4.26.4, 1.5.27.1 through 1.5.27.3, and 1.6.29.1 through 1.6.29.6 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML...
Cross site scripting
Cross-site scripting XSS vulnerability in the modpagespeed module 0.x, 1.0.22.7, 1.1.x, 1.24.1, 1.3.25.1 through 1.3.25.4, 1.4.26.1 through 1.4.26.4, 1.5.27.1 through 1.5.27.3, and 1.6.29.1 through 1.6.29.6 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML...
CVE-2013-6111
CVE-2013-6111 is a cross-site scripting (XSS) vulnerability in the mod_pagespeed module for Apache HTTP Server. Affected versions include 0.x; 1.0.22.7; 1.1.x; 1.24.1; 1.3.25.1–1.3.25.4; 1.4.26.1–1.4.26.4; 1.5.27.1–1.5.27.3; and 1.6.29.1–1.6.29.6. The issue allows remote attackers to inject arbit...
CVE-2013-6111
Cross-site scripting XSS vulnerability in the modpagespeed module 0.x, 1.0.22.7, 1.1.x, 1.24.1, 1.3.25.1 through 1.3.25.4, 1.4.26.1 through 1.4.26.4, 1.5.27.1 through 1.5.27.3, and 1.6.29.1 through 1.6.29.6 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML...
FreeBSD : mod_pagespeed -- critical XSS (XSS) vulnerability (4e23644c-cb93-4f83-9e20-5bc07ad9b39f)
modpagespeed developers report : Various versions of modpagespeed are subject to critical cross-site scripting XSS vulnerability, CVE-2013-6111. This permits a hostile third party to execute JavaScript in users' browsers in context of the domain running modpagespeed, which could permit theft of...
mod_pagespeed -- critical cross-site scripting (XSS) vulnerability
modpagespeed developers report: Various versions of modpagespeed are subject to critical cross-site scripting XSS vulnerability, CVE-2013-6111. This permits a hostile third party to execute JavaScript in users' browsers in context of the domain running modpagespeed, which could permit theft of...
Google, Paypal, Facebook Internal IP disclosure vulnerability
Do you have any idea about an Internal IP Address or a Private IP Address that too assigned for Multinational Companies? Yeah, today we are gonna discuss about Internal IP or Private IP address Disclosure. Disclosure of an Internal IP like 192.168.. or 172.16.. , can really Impact ? Most security...
Apache 'mod_pagespeed'模块跨站脚本执行和安全限制绕过漏洞
BUGTRAQ ID: 55536 CVE ID: CVE-2012-4001 CVE-2012-4360 modpagespeed是开源的Apache模块,可自动优化网页和资源。 Apache 'modpagespeed'模块存在跨站脚本执行和安全限制绕过漏洞,成功利用后可允许攻击者绕过某些安全限制、执行任意脚本代码、窃取Cookie身份验证凭证并执行某些管理员操作。 0 Apache Group modpagespeed 0.10.22.6 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2012-4360
Cross-site scripting XSS vulnerability in the modpagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-4001
The modpagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers...
Code injection
The modpagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers...
CVE-2012-4360
CVE-2012-4360 is a cross-site scripting flaw in the mod_pagespeed Apache module (versions 0.10.19.1–0.10.22.4) that allowed remote attackers to inject arbitrary script via unspecified vectors. The issue affects Apache HTTP Server deployments using mod_pagespeed and could enable execution of JavaS...
CVE-2012-4360
Cross-site scripting XSS vulnerability in the modpagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...