Foreman cross-site scripting vulnerability (CNVD-2017-32872)

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in versions of Foreman prior to 1.5.2. A remote attacker can...

PT-2017-5876 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.5.2 Description: The issue allows remote authenticated users to inject arbitrary web script or HTML via the operating system 1 name or 2 description. Recommendations: For versions prior to 1.5.2, update to version...

CHAOS Framework - Generate Payloads and Control Remote Machines

CHAOS Framework allows generate payloads and controls remote machines. DISCLAIMER The use of the CHAOS Framework is COMPLETE RESPONSIBILITY of the END-USER. Developer assumes NO liability and is NOT responsible for any misuse or damage caused by this program. FEATURES Windows Remote Control...

foreman: XSS with operating system name/description

Multiple cross-site scripting XSS vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system 1 name or 2 description...

Microsoft Windows SMB NativeLanManager Remote System Information Disclosure

Nessus was able to obtain the remote operating system name and version Windows and/or Samba by sending an authentication request to port 139 or 445. Note that this plugin requires SMB to be enabled on the host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10785;...