EUVD-2010-1676

Malware in sbrugna...

XML Entity Injection Vulnerability in PowerEasy SiteFactory of Guangdong Dynamic Easy Software Co.

PowerEasy SiteFactory content management system English name: PowerEasy SiteFactory; software copyright registration number: 2014SR021600 is the industry's first based on the Microsoft.NET2.0 platform, using ASP.NET 2.0 for layered development of content management systems Content Management...

xss vulnerability in PowerEasy CMS, a website building system of Guangdong Dynamic Easy Software Co.

Dynamic Easy Powereasy cms 2006 is a set of various types of small and medium-sized site construction and management and design and development of a general-purpose site management system also known as content management system. Guangdong Dynamic Easy Software Co., Ltd. building system PowerEasy...

Arbitrary File Read Vulnerability in PowerEasy SmartGov

PowerEasy government website management system PowerEasy SmartGov is a complete set of government portal application solutions provided by PowerEasy according to the actual application requirements of the government. An arbitrary file read vulnerability exists in PowerEasy SmartGov. An attacker c...

PowerEasy 2006 'ComeUrl' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39696/info PowerEasy is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

PowerEasy 2006 region.asp sql注入漏洞

No description provided by source...

CVE-2010-1655

Cross-site scripting XSS vulnerability in User/UserChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in User/UserChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parameter...

Move easy(PowerEasy) SiteWeaver "ComeUrl" Cross-Site Scripting Vulnerability-vulnerability warning-the black bar safety net

Move easyPowerEasy cross-site vulnerabilities Move easy SiteWeaver, it can be malicious people use to perform cross-site scripting attack vulnerability. Input passed to the"ComeUrl"in the User/UserChkLogin. asp does not properly handle the return to the user parameters. This can be used to perfor...

CVE-2010-1655

Cross-site scripting XSS vulnerability in User/UserChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parameter...

CVE-2010-1655

CVE-2010-1655 affects PowerEasy 2006 and PowerEasy SiteWeaver 6.8 via a cross-site scripting flaw in User/User_ChkLogin.asp, exploitable through the ComeUrl parameter to inject arbitrary script/HTML. The NVD entry lists a CVSSv2 base score of 4.3 (Medium) with network attack vector, requiring use...

动易(PowerEasy) SiteWeaver "ComeUrl" Cross-Site Scripting Vulnerability

动易SiteWeaver，它可以被恶意的人利用来进行跨站点脚本攻击漏洞。 输入传递到"ComeUrl"在User/UserChkLogin.asp中没有正确地处理返回给用户参数。这可以被用来执行在用户在受影响的浏览器会话中任意HTML和脚本代码。 这个安全漏洞在版本6.8报告。其它版本也可能受到影响。 PowerEasy SiteWeaver 6.x SEBUG临时解决办法 对User/UserChkLogin.asp,"ComeUrl"进行过滤处理 参考官方补丁 http://www.powereasy.net/...

PowerEasy 2006 Cross Site Scripting

PowerEasy is prone to an cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

A XSS in User_ChkLogin.asp of PowerEasy 2006

PowerEasy is prone to an cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

PowerEasy 2006 - ComeUrl Cross-Site Scripting

PowerEasy 2006 - ComeUrl Cross-Site Scripting source: https://www.securityfocus.com/bid/39696/info PowerEasy is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

PowerEasy 2006 - 'ComeUrl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/39696/info PowerEasy is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

动力(My Powe)SQL注射漏洞

就是当用％20and%201=1返回如下： 错误信息 产生错误的可能原因：· 请指定文章ID 返回上一页 当用%20and%201=2返回如下： 错误信息 产生错误的可能原因： 你要找的文章不存在，或者已经被管理员删除！ 返回上一页 进行SQL注射 动力My Power3.6版 下载官方最新补丁http://www.asp163.net !/usr/bin/env python coding: utf-8 from pocsuite.api.request import req from pocsuite.api.poc import register from...