Lucene search
K

78 matches found

securityvulns
securityvulns
added 2010/02/04 12:0 a.m.124 views

[security bulletin] HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02000727 Version: 1 HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS NOTICE: The information in this Security Bulletin shoul...

4.3CVSS0.2AI score0.03002EPSS
Exploits1
Packet Storm
Packet Storm
added 2010/01/29 12:0 a.m.23 views

ProCheckUp Security Advisory 2009.19

PR09-19: Cross-Site Scripting XSS on CommonSpot server Vulnerability found: 17th December 2009 Vendor informed: 18th December 2009 Severity: Medium Successfully tested on: Commonspot server http://www.paperthin.com/ Description: Commonspot server is vulnerable to a vanilla XSS Vulnerable...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2010/01/28 12:0 a.m.75 views

PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)

PR09-15: XSS injection vulnerability within HP System Management Homepage Insight Manager Vulnerability found: 11th October 2009 Severity: Medium Description: A XSS vulnerability has been found within HP System Management; Arising from insufficient input filtering. By using a specially-crafted...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2009/09/09 12:0 a.m.57 views

Various Orion application application server example pages are vulnerable to XSS.

R08-08: Several XSS on Orion Application server 2.0 to 2.0.8 Vulnerability found: May 2008 Revalidated 23 July 2009 Vendor informed: 27th July 09 Vulnerability fixed: Severity: Medium Description: Various Orion application application server example pages are vulnerable to XSS. Orion application...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2009/04/16 12:0 a.m.122 views

XSS with mod_perl perl_status utility

Vulnerability found: 28th February 2009 Vendor informed: 1st March 2009 Advisory last updated: 1st March 2009 Severity: Medium/High Credits: Richard Brain of ProCheckUp Ltd www.procheckup.com CVE reference: CVE-2009-0796 BID: 34383 Many thanks to Torsten Foertsch for his kind assistance in fixing...

2.6CVSS9AI score0.29638EPSS
Exploits3
Packet Storm
Packet Storm
added 2009/04/15 12:0 a.m.43 views

Mod-Perl Perl-Status Cross Site Scripting

Vulnerability found: 28th February 2009 Vendor informed: 1st March 2009 Advisory last updated: 1st March 2009 Severity: Medium/High Credits: Richard Brain of ProCheckUp Ltd www.procheckup.com CVE reference: CVE-2009-0796 BID: 34383 Many thanks to Torsten Foertsch for his kind assistance in fixing...

2.6CVSS9.6AI score0.29638EPSS
Exploits3
securityvulns
securityvulns
added 2009/02/01 12:0 a.m.63 views

PR08-21: Cross-site Request Forgery (CSRF) on Novell GroupWise WebAccess allows email theft and other attacks

PR08-21: Cross-site Request Forgery CSRF on Novell GroupWise WebAccess allows email theft and other attacks Vulnerability found: 3rd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: Critical Credits: Adrian Pastor of ProCheckUp Ltd...

6.8CVSS6.2AI score0.00581EPSS
Exploits1
securityvulns
securityvulns
added 2009/02/01 12:0 a.m.72 views

PR08-22: Persistent XSS on Novell GroupWise WebAccess

PR08-22: Persistent XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: High Credits: Jan Fry of ProCheckUp Ltd www.procheckup.com. ProCheckUp thanks Novell for working with us in such a...

4.3CVSS5.4AI score0.01705EPSS
Exploits1
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.73 views

Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml Revision 1.0 For Public Release 2009 January 14 1600 UTC GMT -...

4.3CVSS0.2AI score0.05449EPSS
Exploits2
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.76 views

PR08-19: XSS on Cisco IOS HTTP Server

PR08-19: XSS on Cisco IOS HTTP Server Date found: 1st August 2008 Vendor contacted: 1st August 2008 Advisory publicly released: 14th January 2009 Severity: Medium Credits: Adrian Pastor of ProCheckUp Ltd www.procheckup.com Description: Cisco IOS HTTP server is vulnerable to XSS within invalid...

4.3CVSS0.1AI score0.05449EPSS
Exploits2
Packet Storm
Packet Storm
added 2009/01/15 12:0 a.m.42 views

ProCheckUp Security Advisory 2008.19

PR08-19: XSS on Cisco IOS HTTP Server Date found: 1st August 2008 Vendor contacted: 1st August 2008 Advisory publicly released: 14th January 2009 Severity: Medium Credits: Adrian Pastor of ProCheckUp Ltd www.procheckup.com Description: Cisco IOS HTTP server is vulnerable to XSS within invalid...

4.3CVSS0.5AI score0.05449EPSS
Exploits2
securityvulns
securityvulns
added 2008/11/21 12:0 a.m.47 views

PR07-11: Cross-site Request Forgery (CSRF) on Sun Java System Identity Manager

PR07-11: Cross-site Request Forgery CSRF on Sun Java System Identity Manager Date Found: 11th June 2007 Vendor Contacted: 18th June 2007 Date Public: 10th November 2008 Severity: Medium/High Credits: Adrian Pastor and Jan Fry of ProCheckUp Ltd www.procheckup.com. ProCheckUp thanks Sun for working...

7.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/07/25 4:41 p.m.33 views

CVE-2008-3326

Cross-site scripting XSS vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter blog entry title...

2.6CVSS5.9AI score0.02389EPSS
Exploits1References1
securityvulns
securityvulns
added 2008/07/24 12:0 a.m.46 views

PR08-15: Several Webroot Disclosures on Moodle

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PR08-15: Several Webroot Disclosures on Moodle Vulnerability found: 20/06/2008 Vendor informed: 25/06/2008 Vulnerability fixed: 16/07/2008 Advisory publicly released: 22/07/2008 Severity: Low Description: Moodle 1.6.5 is vulnerable to several webroot...

Exploits0
securityvulns
securityvulns
added 2008/02/29 12:0 a.m.45 views

PR07-41: XSS on Juniper Networks Secure Access 2000

PR07-41: XSS on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Medium-high Description: Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS. Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi'...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/28 12:0 a.m.35 views

ProCheckUp Security Advisory 2007.41

PR07-41: XSS on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Medium-high Description: Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS. Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi'...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/20 12:0 a.m.30 views

ProCheckUp Security Advisory 2006.12

PR06-12: XSS on BEA Plumtree Foundation and AquaLogic Interaction portals Description: BEA Plumtree Foundation portal 6.0 and BEA AquaLogic Interaction 6.1 are vulnerable to a XSS vulnerability affecting the 'name' parameter which is submitted to the '/portal/server.pt' server-side script. Date...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/20 12:0 a.m.73 views

ProCheckUp Security Advisory 2008.1

PR08-01: Several XSS, a cross-domain redirect and a webroot disclosure on Spyce - Python Server Pages PSP Vulnerability found: 19th December 2007 Vendor informed: 14th January 2007 Vulnerability fixed: the vendor did not respond, however a workaround has been included in the "Fix" section of this...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/22 12:0 a.m.18 views

ProCheckUp Security Advisory 2007.38

PR07-38: XSS on sIFR Vulnerability Found: 12 November 2007 Vendor contacted: 19 November 2007 Vulnerability fixed: The issue remains unfixed. The developer of sIFR was contacted several times but did not respond. Severity: Medium Successfully tested on: sIFR 2.0.2 Description: Sites using sIFR to...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2007/12/03 12:0 a.m.53 views

PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability

PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability Description: BEA Plumtree portal is vulnerable to a internal hostname disclosure vulnerability. The internal hostname of the server hosting BEA Plumtree portal is always included at the bottom of every requested HTML page...

6.8AI score
Exploits0
Rows per page
Query Builder