Dst-Admin 路径遍历漏洞

Dst-Admin is a Chinese administrative backend for Dont Starve Together Famine Online Edition for the Steam platform. A security vulnerability exists in Dst-Admin v1.3.0, which originates from an unauthorized download of arbitrary files and can expose sensitive information...

HP Insight Diagnostics Online Edition crossite scripting

No description provided...

CVE-2010-4111

CVE-2010-4111 is an XSS vulnerability in HP SMH/Insight Diagnostics (Online Edition) prior to version 8.5.1.3712. The issue allows remote attackers to inject arbitrary web scripts/HTML via crafted requests, with documented risks including cookie theft and phishing-style payloads. OpenVAS entries ...

HP Insight Diagnostics Online Edition 8.4 - parameters.php?device Cross-Site Scripting

HP Insight Diagnostics Online Edition 8.4 - parameters.php?device Cross-Site Scripting source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

HP Insight Diagnostics Online Edition 8.4 - idstatusframe.php Multiple Cross-Site Scripting Vulnerabilities

HP Insight Diagnostics Online Edition 8.4 - idstatusframe.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

HP Insight Diagnostics Online Edition 8.4 - survey.php?category Cross-Site Scripting

HP Insight Diagnostics Online Edition 8.4 - survey.php?category Cross-Site Scripting source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

HP Insight Diagnostics Online Edition 8.4 - custom.php?testmode Cross-Site Scripting

HP Insight Diagnostics Online Edition 8.4 - custom.php?testmode Cross-Site Scripting source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

Intuit QuickBooks Online Edition < 10 ActiveX Multiple Vulnerabilities

The remote host contains an Active control associated with QuickBooks Online Edition, a variant of Intuit QuickBooks implemented as an ActiveX control. The version of this control on the remote host reportedly is affected by multiple and as-yet unspecified stack-based buffer overflows that could...

Intuit QuickBooks Online Edition ActiveX控件多个远程安全漏洞

BUGTRAQ ID: 25544 CVECAN ID: CVE-2007-4471,CVE-2007-0322 QuickBooks Online Edition是一款在线财务软件。 QuickBooks Online Edition的ActiveX控件处理在处理畸形用户请求时存在漏洞，远程攻击者可能利用此漏洞控制用户系统。 如果用户受骗打开了恶意HTML文档的话，QuickBooks Online Edition...

CVE-2007-4471

Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the 1 httpGETToFile, 2 httpPOSTFromFile, and possibly other methods, probably involving path traversal...

Intuit QuickBooks Online Edition ActiveX control stack buffer overflows

Overview The Intuit QuickBooks Online Edition ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Intuit QuickBooks Online Edition is a version of QuickBooks that functions withi...