paros-antiques.co.uk XSS vulnerability

Vulnerable URL: http://www.paros-antiques.co.uk/product.asp?strParents=%22/%3E%3Csvg/onload=alert%28%27XSSPOSED%27%29%3EID=32ID=511 Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 08:00 GMT Vulnerability type:| XSS Vulnerability status:| Public...

Paros Proxy Scanner

Paros is a proxy scanning product. Remote attackers can use Paros to detect proxy servers...

Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28278/info Apple Mac OS X Server Wiki Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access arbitrary...

Web File Browser 0.4b14 - File Download

Web File Browser 0.4b14 - File Download Exploit Title: Web File Browser 0.4b14 File Download Vulnerability Date: 2011/11/03 Author: Sangyun YOO Email: yoosy0302 at naver dot com Software Link: http://downloads.sourceforge.net/project/webfilebrowser/webfilebrowser/0.4b14/webfilebrowser-0.4b14.zip...

Web File Browser 0.4b14 File Download

Exploit Title: Web File Browser 0.4b14 File Download Vulnerability Date: 2011/11/03 Author: Sangyun YOO Email: yoosy0302 at naver dot com Software Link: http://downloads.sourceforge.net/project/webfilebrowser/webfilebrowser/0.4b14/webfilebrowser-0.4b14.zip Version: Web File Browser 0.4b14 Tested...

Web File Browser 0.4b14 - File Download

Exploit Title: Web File Browser 0.4b14 File Download Vulnerability Date: 2011/11/03 Author: Sangyun YOO Email: yoosy0302 at naver dot com Software Link: http://downloads.sourceforge.net/project/webfilebrowser/webfilebrowser/0.4b14/webfilebrowser-0.4b14.zip Version: Web File Browser 0.4b14 Tested...

Web File Browser 0.4b14 File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Web File Browser 0.4b14 File Download Vulnerability Date: 2011/11/03 Author: Sangyun YOO Email: yoosy0302 at naver dot com Software Link:...

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management

Exploit Title : Ultimate PHP Board 2.2.7 "Broken Authentication and Session Management" Date : 2011.05.17 Author : i2sec - Gi bum Hong Software Link : http://sourceforge.net/projects/textmb/files/UPB/UPB%202.2.7/ Version : 2.2.7 Tested on : apache 2.2.14 | mysql 5.1.39 | php 5.2.12 This...

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management Exploit Title : Ultimate PHP Board 2.2.7 "Broken Authentication and Session Management" Date : 2011.05.17 Author : i2sec - Gi bum Hong Software Link : http://sourceforge.net/projects/textmb/files/UPB/UPB%202.2.7/ Version :...

EnanoCMS 1.1.7pl1 Blind SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

Gentoo Security Advisory GLSA 200601-15 (Paros)

The remote host is missing updates announced in advisory GLSA 200601-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200601-15 (Paros)

The remote host is missing updates announced in advisory GLSA 200601-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Leopard Server Remote Path Traversal

Advisory ID Internal CORE-2008-0123 Advisory Information Title: Leopard Server Remote Path Traversal Advisory ID: CORE-2008-0123 Date published: 2008-03-18 Date of last update: 2008-03-18 Vendors contacted: Apple Inc. Release mode: Coordinated release Vulnerability Information Class: Remote Path...

GLSA-200601-15 : Paros: Default administrator password

The remote host is affected by the vulnerability described in GLSA-200601-15 Paros: Default administrator password Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed with an empty password for the database administrator 'sa'. Impact : Since th...

Paros: Default administrator password

Background Paros is an intercepting proxy between a web server and a client meant to be used for security assessments. It allows the user to watch and modify the HTTPS traffic. Description Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed wit...

CVE-2005-3280

Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges...

CVE-2005-3280

Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges...

CVE-2005-3280

The CVE-2005-3280 entry concerns Paros 3.2.5, where the underlying HSQLDB database is installed with an empty password for the administrator account ('sa') and the database is accessible over the network. This allows remote attackers to connect to the database and potentially execute arbitrary co...

Paros proxy unauthorized access

hsqldb database has built-in password and is remotely accessible...

[SA17089] Paros hsqldb Exposure of Database Content

TITLE: Paros hsqldb Exposure of Database Content SECUNIA ADVISORY ID: SA17089 VERIFY ADVISORY: http://secunia.com/advisories/17089/ CRITICAL: Less critical IMPACT: Security Bypass, Exposure of sensitive information WHERE: From local network SOFTWARE: Paros 3.x http://secunia.com/product/2043/...