EUVD-2007-5191

Malware in sbrugna...

PT-2015-02: Arbitrary File Reading in Arbor Peakflow SP

The specialists of the Positive Research center have detected an Arbitrary File Reading vulnerability in Arbor Peakflow SP. The vulnerability allows remote attackers to read arbitrary files. How to fix Update your system up to the latest version Advisory status 13.01.2015 - Vendor gets...

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

Arbor Networks Peakflow SP is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross site scripting

Cross-site scripting XSS vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index...

CVE-2012-4685

Arbor Networks Peakflow SP is affected by a cross-site scripting (XSS) vulnerability in which an attacker can inject arbitrary web script or HTML via the PATH_INFO to index. Affected product versions are Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1. The issue ste...

Arbor Networks Peakflow SP web interface XSS

Exploit Title: Arbor Networks Peakflow SP XSS Date: 03 April 2012 Software Link: www.arbornetworks.com/peakflowsp ================================================================ - Login Page vulnerable to cross site scripting "XSS" https://127.0.0.2/index/"onmouseover="alert666;...

Arbor Networks Peakflow SP crossite scripting

Crossite scripting in administration interface...

Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

CVE-2007-5211

Multiple cross-site scripting XSS vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving GET or POST requests. NOTE: the...

CVE-2007-5210

Arbor Networks Peakflow SP before 3.5.1 patch 14, and 3.6.x before 3.6.1 patch 5, allows remote authenticated users to bypass access restrictions and read or write unspecified data via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving GET or POST requests. NOTE: the...

Design/Logic Flaw

Arbor Networks Peakflow SP before 3.5.1 patch 14, and 3.6.x before 3.6.1 patch 5, allows remote authenticated users to bypass access restrictions and read or write unspecified data via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

CVE-2007-5211

CVE-2007-5211 involves multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled. The flaw allows remote attackers to inject arbitrary web script/HTML via unspecified GET/POST vectors. The und...

CVE-2007-5211

Multiple cross-site scripting XSS vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving GET or POST requests. NOTE: the...

CVE-2007-5210

Arbor Networks Peakflow SP is affected. Infections concern remote authenticated users bypassing access restrictions to read or write unspecified data via unknown vectors, affecting releases earlier than 3.5.1 patch 14 and 3.6.x prior to 3.6.1 patch 5. Root cause details are not fully disclosed in...