12 matches found
CVE-2010-0432
Multiple cross-site scripting XSS vulnerabilities in the Apache Open For Business Project aka OFBiz 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via 1 the productStoreId parameter to control/exportProductListing, 2...
Apache OFBiz Multiple XSS Vulnerability
Exploit for php platform in category web applications ======================================= Apache OFBiz Multiple XSS Vulnerability ======================================= Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ Multiple XSS in Apache OFBiz 1. Advisory...
CVE-2010-0432
Multiple cross-site scripting XSS vulnerabilities in the Apache Open For Business Project aka OFBiz 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via 1 the productStoreId parameter to control/exportProductListing, 2...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Apache Open For Business Project aka OFBiz 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via 1 the productStoreId parameter to control/exportProductListing, 2...
Opentaps ERP + CRM Default Credentials (HTTP)
Opentaps ERP + CRM is using known default credentials. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...
Opentaps ERP + CRM Search_String Parameter HTML Injection Vulnerability
The running Opentaps ERP + CRM is prone to an HTML injection vulnerability. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CP...
Opentaps ERP + CRM service detection
The remote host is running Opentaps ERP + CRM. opentaps is a full-featured ERP + CRM suite which incorporates several open source projects, including Apache Geronimo, Tomcat, and OFBiz for the data model and transaction framework; Pentaho and JasperReports for business intelligence; Funambol for...
Opentaps ERP + CRM Detection
The remote host is running Opentaps ERP + CRM. Opentaps is a full-featured ERP + CRM suite which incorporates several open source projects, including: - Apache Geronimo, Tomcat, and OFBiz for the data model and transaction framework - Pentaho and JasperReports for business intelligence - Funambol...
[SA23457] opentaps "SEARCH_STRING" Cross-Site Scripting Vulnerability
TITLE: opentaps "SEARCHSTRING" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA23457 VERIFY ADVISORY: http://secunia.com/advisories/23457/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: opentaps 0.x http://secunia.com/product/12944/ DESCRIPTION: A...
CVE-2006-6589
Cross-site scripting XSS vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project OFBiz and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCHSTRING parameter, a different issue than CVE-2006-6587. NOTE: some of these detai...
CVE-2006-6589
Cross-site scripting XSS vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project OFBiz and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCHSTRING parameter, a different issue than CVE-2006-6587. NOTE: some of these detai...
CVE-2006-6589
The CVE-2006-6589 entry tracks a cross-site scripting (XSS) vulnerability affecting the ecommerce/control/keywordsearch path in Apache OFBiz and Opentaps 0.9.3, enabling remote injection of script/HTML via the SEARCH_STRING parameter. Connected OpenVAS data confirms HTML injection issues for Open...