40 matches found
EUVD-2006-4201
Malware in sbrugna...
EUVD-2008-3090
Malware in sbrugna...
EUVD-2003-0336
Malware in sbrugna...
EUVD-2006-4202
Malware in sbrugna...
EUVD-2008-3346
Malware in sbrugna...
EUVD-2013-4602
Malware in sbrugna...
CVE-2013-4754
Multiple cross-site scripting XSS vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Search field to browse.php or 2 the Title field to prefs.php...
CVE-2013-4754
CVE-2013-4754 affects Owl Intranet Knowledgebase 1.10. The vulnerability is multiple cross-site scripting (XSS) flaws that allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php and (2) the Title field to prefs.php. Root cause: unsanitized u...
CVE-2013-4754
Multiple cross-site scripting XSS vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Search field to browse.php or 2 the Title field to prefs.php...
Owl Intranet Engine 0.95 'register.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30410/info Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
Owl Intranet Engine 0.7 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7595/info Owl has been reported prone to an authentication bypass vulnerability. The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to...
RedTeam Pentesting GmbH
Advisory: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes The Owl Intranet Engine uses no salting in the password hashing procedure. Furthermore, users in the "Administrators" group are able to see the MD5 password hashes of every user using the web interface. Details...
[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass
Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...
Owl Intranet Engine 1.00 Authentication Bypass
Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...
Owl Intranet Engine 1.00 - 'userid' Authentication Bypass
source: https://www.securityfocus.com/bid/51076/info Owl Intranet Engine is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication process and gain administrative access to the application. Owl Intranet Engine 1.00 is affected; other...
CVE-2008-3100
Cross-site scripting XSS vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php...
CVE-2008-3359
SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...
CVE-2008-3100
Cross-site scripting XSS vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php...
Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30410/info Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
CVE-2006-4212
SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...