468 matches found
CVE-2013-4600
OpenCms
OpenCMS 8.5.1 Cross Site Scripting Vulnerability
OpenCMS version 8.5.1 suffers from a cross site scripting vulnerability. Product: OpenCms Vendor: Alkacon Software Vulnerable Versions: 8.5.1 and probably prior Tested Version: 8.5.1 Vendor Notification: June 12, 2013 Vendor Patch: July 10, 2013 Public Disclosure: July 17, 2013 Vulnerability Type...
XSS Vulnerabilities in OpenCms
Advisory ID: HTB23160 Product: OpenCms Vendor: Alkacon Software Vulnerable Versions: 8.5.1 and probably prior Tested Version: 8.5.1 Vendor Notification: June 12, 2013 Vendor Patch: July 10, 2013 Public Disclosure: July 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...
OpenCMS 8.5.1 Cross Site Scripting
Advisory ID: HTB23160 Product: OpenCms Vendor: Alkacon Software Vulnerable Versions: 8.5.1 and probably prior Tested Version: 8.5.1 Vendor Notification: June 12, 2013 Vendor Patch: July 10, 2013 Public Disclosure: July 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...
XSS Vulnerabilities in OpenCms
High-Tech Bridge Security Research Lab discovered 2 XSS vulnerabilities in OpenCms, which can be exploited to perform Cross-Site Scripting attacks against users of vulnerable application. 1 Multiple Cross-Site Scripting XSS in OpenCms: CVE-2013-4600 1.1 The vulnerability exists due to insufficien...
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/47089/info YaCOMAS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
[AntiSnatchOr] OpenCMS <= 7.5.3 multiple vulnerabilities
OpenCMS = 7.5.3 multiple vulnerabilities Name: OpenCMS = 7.5.3 multiple vulnerabilities Systems Affected: OpenCMS = 7.5.3 Severity: High Vendor: http://www.opencms.org Advisory: http://antisnatchor.com/opencms7.5.3multiplevulnerabilities Author: Michele "antisnatchor" Orru michele.orru AT...
Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/47055/info Alkacon OpenCms is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities
Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47055/info Alkacon OpenCms is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage the...
OpenCMS 7.5.3 Cross Site Scripting
OpenCMS alert666 HTTP/1.1 Host: localhost:8080 ... The URI /opencms/opencms/system/workplace/views/explorer/contextmenu.jsp is vulnerable too, but we should know a valid resource name to exploit...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors...
CVE-2009-4505
Multiple cross-site scripting XSS vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors...
CVE-2009-4505
Multiple cross-site scripting XSS vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors...
CVE-2009-4505
CVE-2009-4505 concerns the OpenCMS OAMP Comments Module (v1.0.0). The vulnerability arises from unfiltered user input being reflected in comments, enabling cross-site scripting (XSS) across visitors. The Compass Security advisory details exploitability and shows the impact as potential impersonat...
CVE-2009-4505 OpenCMS OAMP Comments Module XSS
COMPASS SECURITY ADVISORY http://www.csnc.ch/ CVE ID : CVE-2009-4505 Product: OpenCMS OAMP Comments Module Vendor: Open Source, Alkacon GmbH Cologne, Germany Subject: Cross-site scripting XSS Risk: High Effect: Anonymously exploitable Author: Cyrill Brunschwiler [email protected] Date:...
Alkakon OpenCms 7.5.2 and below non persistent XSS
Exploit for unknown platform in category web applications ================================================== Alkakon OpenCms 7.5.2 and below non persistent XSS ================================================== Exploit Title: Alkakon OpenCms 7.5.2 and below non persistent XSS. Author: EgoPL...
OpenCms Multiple Input Validation Vulnerabilities
Binary data 5207.prm...
OpenCms (7.5.0) - Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error
Application: OpenCms Version: 7.5.0 Hardware: Tomcat/Oracle Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error Overview: Various URL's within the deployed OpenCms application version 7.5.0 are open to attacks, including Cross-Site Scripting, Phishing Through Frames an...
OpenCMS 7.5.0 Cross Site Scripting
Application: OpenCms Version: 7.5.0 Hardware: Tomcat/Oracle Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error Overview: Various URL's within the deployed OpenCms application version 7.5.0 are open to attacks, including Cross-Site Scripting, Phishing Through Frames an...
Alkacon OpenCMS 7.x - Multiple Input Validation Vulnerabilities
Alkacon OpenCMS 7.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/35979/info OpenCms is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an authenticated...