7 matches found
Webmin < 1.690 Multiple XSS
According to its self-reported version, the Webmin install hosted on the remote host is prior to version 1.690. It is, therefore, affected by multiple cross-site scripting vulnerabilities : - The application is affected by multiple unspecified cross-site scripting vulnerabilities. CVE-2014-3885 -...
CVE-2014-3886
Cross-site scripting XSS vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924...
Cross site scripting
Cross-site scripting XSS vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924...
Webmin vulnerable to cross-site scripting
Overview Webmin is a web-based system management tool. Webmin contains a cross-site scripting vulnerability when "referrer checking" is turned off. Note that "referrer checking" is enabled by default. hasegawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#02213197: Webmin vulnerable to cross-site scripting
Webmin is a web-based system management tool. Webmin contains a cross-site scripting vulnerability when "referrer checking" is turned off. Note that "referrer checking" is enabled by default. Impact An arbitrary script may be executed on a user's web browser who is logged into Webmin. Solution...
IBM Websphere Application Server 7.0.0.13 - Cross-Site Request Forgery
IBM Websphere Application Server 7.0.0.13 - Cross-Site Request Forgery -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ IBM WebSphere Application Server Cross-Site Request Forgery 1. Advisory Information Title: IBM...
cPanel XSRF vulnerabilities
Overview cPanel contains multiple cross-site request forgery XSRF vulnerabilities. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary commands. Description cPanel, a web-based tool that is designed to automate and control web sites and servers, contains...