1115 matches found

OpenVAS
added 2011/02/04 12:0 a.m. | 30 views

Fedora Update for perl-CGI FEDORA-2011-0640

Check for the Version of perl-CGI OpenVAS Vulnerability Test Fedora Update for perl-CGI FEDORA-2011-0640 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.3 CVSS | 9.4 AI score | 0.02713 EPSS
Exploits: 0 | References: 2
NVD
added 2011/01/13 7:0 p.m. | 16 views

CVE-2010-4647

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp...

4.3 CVSS | 5.5 AI score | 0.05219 EPSS
Exploits: 1 | References: 9
OpenVAS
added 2011/01/11 12:0 a.m. | 23 views

Ubuntu Update for python-django vulnerabilities USN-1040-1

Ubuntu Update for Linux kernel vulnerabilities USN-1040-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10401.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for python-django vulnerabilities USN-1040-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...

5 CVSS | 6.5 AI score | 0.03348 EPSS
Exploits: 1 | References: 2
OSV
added 2011/01/10 8:0 p.m. | 8 views

CVE-2010-4534

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

5.5 AI score
Exploits: 0 | References: 19
OSV
added 2011/01/10 8:0 p.m. | 2 views

DEBIAN-CVE-2010-4534

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

4 CVSS | 6.1 AI score | 0.01697 EPSS
Exploits: 1 | References: 1
NVD
added 2011/01/10 8:0 p.m. | 17 views

CVE-2010-4534

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

4 CVSS | 5.6 AI score | 0.01697 EPSS
Exploits: 1 | References: 18
Debian CVE
added 2011/01/10 7:18 p.m. | 21 views

CVE-2010-4534

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

4 CVSS | 5.6 AI score | 0.01697 EPSS
Exploits: 1
Ubuntu
added 2011/01/07 12:46 a.m. | 62 views

USN-1040-1: Django vulnerabilities

Adam Baldwin discovered that Django did not properly validate query string lookups. This could be exploited to provide an information leak to an attacker with admin privileges. CVE-2010-4534 Paul McMillan discovered that Django did not validate the length of the token used when generating a...

5 CVSS | 5.4 AI score | 0.03348 EPSS
Exploits: 1
Exploit DB
added 2010/07/07 12:0 a.m. | 28 views

Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit)

$Id: w3whoquery.rb 9719 2010-07-07 17:38:59Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

10 CVSS | 7 AI score | 0.72326 EPSS
Exploits: 5
NVD
added 2010/06/15 2:30 p.m. | 22 views

CVE-2010-2267

Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the getenv sample program, (2) the desc parameter to loadstatic.cgi, (3) the name parameter to httpdcfg.cgi, or (4) t...

4.3 CVSS | 5.8 AI score | 0.00935 EPSS
Exploits: 1 | References: 2
Prion
added 2010/06/15 2:30 p.m. | 13 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the getenv sample program, (2) the desc parameter to loadstatic.cgi, (3) the name parameter to httpdcfg.cgi, or (4) t...

4.3 CVSS | 6.1 AI score | 0.00935 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2010/04/28 11:30 p.m. | 2 views

DEBIAN-CVE-2010-1594

Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via (1) the query string, (2) the BASE parameter, or (3) the ega1 parameter. NOTE: some of these details are obtained from third party...

4.3 CVSS | 6 AI score | 0.01131 EPSS
Exploits: 1 | References: 1
Prion
added 2010/02/26 7:30 p.m. | 19 views

Open redirect

Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0...

6.8 CVSS | 7 AI score | 0.01295 EPSS
Exploits: 1 | References: 4 | Affected Software: 4
Tenable Nessus
added 2009/11/10 12:0 a.m. | 44 views

XOOPS misc.php Query String XSS

The version of XOOPS running on the remote web server has a cross-site scripting vulnerability. 'misc.php' does not sanitize the requested URI before displaying it in the response. Manipulating the query string can result in a cross-site scripting attack. A remote attacker could exploit this by...

7.5 CVSS | 5.2 AI score | 0.01647 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2009/11/09 3:37 p.m. | 79 views

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix several security issues are now available for Red Hat Developer Suite 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP)...

5 CVSS | 6.1 AI score | 0.9444 EPSS
Exploits: 8 | References: 7
Prion
added 2009/10/22 4:0 p.m. | 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3 CVSS | 5.9 AI score | 0.01285 EPSS
Exploits: 1 | References: 6 | Affected Software: 1
NVD
added 2009/10/22 4:0 p.m. | 22 views

CVE-2009-3745

Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3 CVSS | 5.5 AI score | 0.01285 EPSS
Exploits: 1 | References: 6
Cvelist
added 2009/10/22 3:26 p.m. | 27 views

CVE-2009-3745

Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

5.5 AI score | 0.01285 EPSS
Exploits: 1 | References: 6
OpenVAS
added 2009/08/27 12:0 a.m. | 24 views

Adobe Flex SDK Cross-Site Scripting Vulnerability (Windows)

This host is installed with Adobe Flex SDK and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodadobeflexsdkxssvulnwin.nasl 7573 2017-10-26 09:18:50Z cfischer $ Adobe Flex SDK Cross-Site Scripting Vulnerability (Windows) Authors: Sharath S Copyright: Copyright (c)...

2.6 CVSS | 6.2 AI score | 0.08253 EPSS
Exploits: 2 | References: 4
Tenable Nessus
added 2009/08/27 12:0 a.m. | 54 views

Ubuntu 8.04 LTS / 8.10 / 9.04 : mono vulnerabilities (USN-826-1)

It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...

5 CVSS | 7.1 AI score | 0.07102 EPSS
Exploits: 1 | References: 4