153 matches found
CVE-2012-3859
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
CVE-2012-2446
Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...
Cross site scripting
Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action...
CVE-2012-2447
Cross-site request forgery CSRF vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action...
Design/Logic Flaw
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
CVE-2012-2447
Cross-site request forgery CSRF vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action...
CVE-2012-2446
Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...
CVE-2012-3859
CVE-2012-3859 is identified in the connected documents as a SQL Injection vulnerability affecting the Netsweeper WebAdmin Portal. The Red Hat entry describes it as an unspecified vulnerability with unknown impact, and the exploit references (Exploit-DB/PacketStorm) associate this CVE with a SQL I...
CVE-2012-2447
CVE-2012-2447 is a CSRF flaw in the Netsweeper WebAdmin Portal, specifically in accountmgr/adminupdate.php. The vulnerability allows an attacker to hijack an administrator’s session and perform actions that create new administrative accounts via the add action. Public materials in the connected R...
CVE-2012-2446
CVE-2012-2446 is a real XSS vulnerability in Netsweeper’s WebAdmin Portal. The issue affects the WebAdmin Portal’s tools/local_lookup.php, where the group parameter in a lookup action can be exploited to inject arbitrary web script or HTML remotely. The root cause is an inadequate input validatio...
CVE-2012-3859
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
Netsweeper Internet Filter WebAdmin Portal multiple vulnerabilities
Overview Netsweeper Internet Filter WebAdmin Portal contains XSS, CSRF and SQLi vulnerabilities. Description Netsweeper Internet Filter's WebAdmin Portal contains the following XSS, CSRF and SQLi vulnerabilities.CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site...