EUVD-2009-0529

Malware in sbrugna...

CVE-2009-0525

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

The vulnerability of Juniper SRX 240 router microprogramming software, allowing a hacker to execute arbitrary commands

The Juniper SRX 240 router software contains a vulnerability in the Sajax AJAX library, allowing an attacker to execute any commands due to the lack of validation of request parameters by the sajaxhandleclient function...

The vulnerability of Juniper SRX 240 router microprogramming software allows a attacker to bypass the CSRF protection of the J-Web interface.

The Juniper SRX 240 router software contains a vulnerability in the Sajax AJAX library, which stems from the lack of checking the “csrftoken” parameter for GET requests...

Juniper Networks Junos OS J-Web Sajax Remote Code Execution Vulnerability

Remote Code Execution on J-Web SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...

Juniper Junos J-Web Sajax Remote Code Execution (JSA10560)

According to its self-reported version number, the remote Junos device is affected by a remote code execution vulnerability due to a lack of validation when passing input from the 'rs' parameter to the '/jsdm/ajax/port.php' script. Authenticated users, when J-Web is enabled, can execute arbitrary...

PT-2013-1298 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos versions prior to 10.4R13 Junos versions 11.4 before 11.4R7 Junos versions 12.1 before 12.1R5 Junos versions 12.2 before 12.2R3 Junos versions 12.3 before 12.3R1 Description: The issue allows remote authenticated users to execute...

Cross site scripting

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

CVE-2009-0525

CVE-2009-0525 concerns an XSS vulnerability in the sajax_get_common_js function of php/Sajax.php in Sajax 0.12. The issue arises when user-supplied input via the URL parameter is not properly handled, enabling remote attackers to inject arbitrary web script or HTML, particularly in browsers that ...

CVE-2009-0525

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

AjaxPortal LoginADP函数SQL注入漏洞

BUGTRAQ ID: 18897 AjaxPortal是基于Sajax技术的建站解决方案。 AjaxPortal的的LoginADP函数实现上存在SQL注入漏洞，远程攻击者可能利用此漏洞在服务器上执行任意代码。 仅在禁用了PHP魔术引号的情况下才能利用这个漏洞。 MyioSoft AjaxPortal 3.0 MyioSoft -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://myiosoft.com/...

phpFFL 1.24 - PHPFFL_FILE_ROOT Remote File Inclusion

phpFFL 1.24 - PHPFFLFILEROOT Remote File Inclusion Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Undergroun...

phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== phpFFL 1.24 PHPFFLFILEROOT Remote File Inclusion Vulnerabilities ================================================================== Title : phpFFL 1.24 Remote File Inclusio...

phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities

No description provided by source. Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Underground Group , IrR57 ...

[KAPDA::#46] - AjaxPortal Authentication Bypass

KAPDA New advisory Vendor: http://myiosoft.com Vulnerable: AjaxPortal v. 3.0 Bug: Sql Injection Authentication Bypass Exploitation: Remote with browser Description: -------------------- AjaxPortal is based on Sajax technology - an open source tool to make programming websites using the Ajax...