EUVD-2009-0529

Malware in sbrugna...

CVE-2009-0525

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

Juniper Networks Junos OS J-Web Sajax Remote Code Execution Vulnerability

Remote Code Execution on J-Web SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...

Juniper Junos J-Web Sajax Remote Code Execution (JSA10560)

According to its self-reported version number, the remote Junos device is affected by a remote code execution vulnerability due to a lack of validation when passing input from the 'rs' parameter to the '/jsdm/ajax/port.php' script. Authenticated users, when J-Web is enabled, can execute arbitrary...

PT-2013-1298 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos versions prior to 10.4R13 Junos versions 11.4 before 11.4R7 Junos versions 12.1 before 12.1R5 Junos versions 12.2 before 12.2R3 Junos versions 12.3 before 12.3R1 Description: The issue allows remote authenticated users to execute...

Cross site scripting

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

CVE-2009-0525

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

CVE-2009-0525

CVE-2009-0525 concerns an XSS vulnerability in the sajax_get_common_js function of php/Sajax.php in Sajax 0.12. The issue arises when user-supplied input via the URL parameter is not properly handled, enabling remote attackers to inject arbitrary web script or HTML, particularly in browsers that ...

AjaxPortal LoginADP函数SQL注入漏洞

BUGTRAQ ID: 18897 AjaxPortal是基于Sajax技术的建站解决方案。 AjaxPortal的的LoginADP函数实现上存在SQL注入漏洞，远程攻击者可能利用此漏洞在服务器上执行任意代码。 仅在禁用了PHP魔术引号的情况下才能利用这个漏洞。 MyioSoft AjaxPortal 3.0 MyioSoft -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://myiosoft.com/...

phpFFL 1.24 - PHPFFL_FILE_ROOT Remote File Inclusion

phpFFL 1.24 - PHPFFLFILEROOT Remote File Inclusion Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Undergroun...

phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities

No description provided by source. Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Underground Group , IrR57 ...

phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== phpFFL 1.24 PHPFFLFILEROOT Remote File Inclusion Vulnerabilities ================================================================== Title : phpFFL 1.24 Remote File Inclusio...

[KAPDA::#46] - AjaxPortal Authentication Bypass

KAPDA New advisory Vendor: http://myiosoft.com Vulnerable: AjaxPortal v. 3.0 Bug: Sql Injection Authentication Bypass Exploitation: Remote with browser Description: -------------------- AjaxPortal is based on Sajax technology - an open source tool to make programming websites using the Ajax...