Lucene search
K

468 matches found

Cvelist
Cvelist
added 2008/03/12 5:0 p.m.16 views

CVE-2008-1300

Cross-site scripting XSS vulnerability in the Logfile Viewer Settings function in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the filePath.0 parameter in a save action, a...

5.6AI score0.01511EPSS
Exploits1References5
CVE
CVE
added 2008/03/12 5:0 p.m.54 views

CVE-2008-1301

The CVE-2008-1301 entry concerns Alkacon OpenCms (versions 7.0.3 and 7.0.4). The vulnerability is an absolute path traversal in logfileViewSettings.jsp (path: system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp) that allows remote authenticated administrators to read arbitrary fi...

4CVSS6.3AI score0.02255EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2008/03/12 5:0 p.m.51 views

CVE-2008-1300

CVE-2008-1300 describes a cross-site scripting (XSS) vulnerability in Alkacon OpenCms, specifically in the Logfile Viewer Settings function (system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp) in OpenCms 7.0.3 and 7.0.4. The flaw allows remote attackers to inject arbitrary web s...

4.3CVSS5.7AI score0.01511EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2008/03/09 12:0 a.m.58 views

Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure

Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a vulnerability in the Logfile Viewer Settings function. Input to Parameter filePath.0 in page opencms/system/workplace/admin/workplace/logfileview/logfileViewSettings.js...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/03/08 12:0 a.m.22 views

Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp?filePath.0 Arbitrary File Access

Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp?filePath.0 Arbitrary File Access source: https://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the applicatio...

Exploits0
exploitpack
exploitpack
added 2008/03/08 12:0 a.m.15 views

Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp?filePath Cross-Site Scripting

Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp?filePath Cross-Site Scripting source: https://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the application...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/08 12:0 a.m.28 views

Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath.0' Arbitrary File Access

source: https://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the application fails to properly sanitize user-supplied input. Attackers can exploit these...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/08 12:0 a.m.27 views

Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the application fails to properly sanitize user-supplied input. Attackers can exploit these...

7.4AI score
Exploits0
NVD
NVD
added 2008/02/27 7:44 p.m.17 views

CVE-2008-1045

Cross-site scripting XSS vulnerability in the file tree navigation function in system/workplace/views/explorer/treefiles.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter...

4.3CVSS5.6AI score0.01465EPSS
Exploits1References4
Prion
Prion
added 2008/02/27 7:44 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the file tree navigation function in system/workplace/views/explorer/treefiles.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter...

4.3CVSS5.9AI score0.01465EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2008/02/27 7:0 p.m.51 views

CVE-2008-1045

Alkacon OpenCMS 7.0.3 contains a Cross-site Scripting (XSS) vulnerability in the file tree navigation function (system/workplace/views/explorer/tree_files.jsp). The issue allows remote attackers to inject arbitrary web script or HTML via the resource parameter. No other concrete details (such as ...

4.3CVSS5.7AI score0.01465EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/02/27 7:0 p.m.19 views

CVE-2008-1045

Cross-site scripting XSS vulnerability in the file tree navigation function in system/workplace/views/explorer/treefiles.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter...

5.6AI score0.01465EPSS
Exploits1References4
securityvulns
securityvulns
added 2008/02/26 12:0 a.m.117 views

Alkacon OpenCms tree_files.jsp resource XSS

Alkacon OpenCms treefiles.jsp resource XSS Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a cross-site scripting vulnerability in the file tree navigation function. An invalid value supplied to parameter resource in page opencms/system/workplace/views/explorer/treefiles.jsp is...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/25 12:0 a.m.30 views

alkacon-xss.txt

Alkacon OpenCms treefiles.jsp resource XSS Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a cross-site scripting vulnerability in the file tree navigation function. An invalid value supplied to parameter resource in page opencms/system/workplace/views/explorer/treefiles.jsp is...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/02/25 12:0 a.m.13 views

Alkacon OpenCMS 7.0.3 - tree_files.jsp Cross-Site Scripting

Alkacon OpenCMS 7.0.3 - treefiles.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/27986/info Alkacon OpenCms is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/25 12:0 a.m.27 views

Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27986/info Alkacon OpenCms is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

7.4AI score
Exploits0
NVD
NVD
added 2006/07/31 10:4 p.m.21 views

CVE-2006-3933

Cross-site scripting XSS vulnerability in Alkacon OpenCms before 6.2.2 allows remote authenticated users to inject arbitrary web script or HTML via the message body...

3.5CVSS5.3AI score0.01099EPSS
Exploits1References7
NVD
NVD
added 2006/07/31 10:4 p.m.20 views

CVE-2006-3936

system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to read the source code of arbitrary JSP files by specifying the file in the resource parameter, as demonstrated using index.jsp...

4CVSS6.5AI score0.01356EPSS
Exploits1References7
NVD
NVD
added 2006/07/31 10:4 p.m.26 views

CVE-2006-3935

system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to administrator functions, which allows remote authenticated users to 1 send broadcast messages to all users /workplace/broadcast, 2 list all users /accounts/users, 3 add webusers...

6.5CVSS6.4AI score0.01811EPSS
Exploits0References12
NVD
NVD
added 2006/07/31 10:4 p.m.21 views

CVE-2006-3934

Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter...

4CVSS6.4AI score0.01432EPSS
Exploits1References7
Rows per page
Query Builder