Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities - Mac OS X

Adobe Reader is prone to cross site scripting and denial of service vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Uploader Plugin Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

ECE Projects Cross Site Scripting

ECE Projects XSS Cross-site Scripting Security Vulnerabilities Exploit Title: ECE Projects XSS Cross-site Scripting Security Vulnerabilities Vendor: ECE Projektmanagement G.m.b.H. & Co. KG ECE Product: ECE Projects Vulnerable Versions: Tested Version: Advisory Publication: April 01, 2015 Latest...

ownCloud Multiple XSS Vulnerabilities-01 (Apr 2014)

ownCloud is prone to multiple XSS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...

ionCube Loader < 2.46 Multiple Vulnerabilities - Active Check

ionCube Loader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CMSimple 3.54 Cross Site Scripting

Advisory ID: HTB23205 Product: CMSimple Vendor: Preben Bjorn Biermann Madsen Vulnerable Versions: 3.54 and probably prior Tested Version: 3.54 Advisory Publication: February 26, 2014 without technical details Vendor Notification: February 26, 2014 Vendor Patch: February 26, 2014 Public Disclosure...

BigACE 2.7.5 - &#039;LANGUAGE&#039; Directory Traversal

source: https://www.securityfocus.com/bid/66350/info BIGACE Web CMS is prone to an SQL-injection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access o...

BigACE 2.7.5 - LANGUAGE Directory Traversal

BigACE 2.7.5 - LANGUAGE Directory Traversal source: https://www.securityfocus.com/bid/66350/info BIGACE Web CMS is prone to an SQL-injection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these...

BarracudaDrive 6.6 Cross Site Scripting

Title : BarracudaDrive Multiple XSS Vulnerabilities Author : Prabhu S Angadi SecPod Technologies Pvt. Ltd. http://www.secpod.com Vendor : http://barracudadrive.com Advisory : http://secpod.org/blog/?p=2158 http://secpod.org/advisories/SecPodBarracudaDriveMultXSSVuln.txt Software : BarracudaDrive...

PyroCMS &quot;email&quot;跨站脚本漏洞

PyroCMS是一款内容管理系统。 由于传递到index.php/register中"email" POST参数的输入在返回用户前未能正确过滤，攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 PyroCMS 2.2.3 目前厂商暂无提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： https://www.pyrocms.com/...

Open Web Analytics < 1.5.6 Reflected XSS Vulnerability - Active Check

Open Web Analytics is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Demantra 12.2.1 - Stored XSS Vulnerability

Exploit for windows platform in category web applications Details: The TaskSender area is vulnerable to a stored cross-site scripting vulnerability. Impact: An attacker could exploit this flaw to get active HTML or script code executed in an authenticated user’s browser. Cross-site Scripting may ...

Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting

Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting Details: The TaskSender area is vulnerable to a stored cross-site scripting vulnerability. Impact: An attacker could exploit this flaw to get active HTML or script code executed in an authenticated user’s browser. Cross-site Scripting may b...

ASUS Router Multiple Vulnerabilities

The host is running ASUS Router and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodasusroutersmultvuln.nasl 6663 2017-07-11 09:58:05Z teissa $ ASUS Router Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright C 2014 SecPod, http://www.secpod.com This...

SeaMonkey Multiple XSS Vulnerabilities (Feb 2014) - Mac OS X

SeaMonkey is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Thunderbird Multiple XSS Vulnerabilities (Feb 2014) - Windows

Mozilla Thunderbird is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SeaMonkey Multiple XSS Vulnerabilities (Feb 2014) - Windows

SeaMonkey is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Boxcryptor Cross Site Scripting

============================================= INTERNET SECURITY AUDITORS ALERT 2014-001 - Original release date: February 4, 2014 - Last revised: February 4, 2014 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 CVSSv2 Base Scored - CVE-ID: - =============================================...

Cross-Site Scripting (XSS) in Ilch CMS

High-Tech Bridge Security Research Lab discovered vulnerability in Ilch CMS, which can be exploited to perform Cross-Site Scripting XSS attacks against users and administrators of vulnerable application. 1 Cross-Site Scripting XSS in Ilch CMS: CVE-2014-1944 The vulnerability exists due to...

Rhino - Cross-Site Scripting Password Reset

Rhino - Cross-Site Scripting Password Reset source: https://www.securityfocus.com/bid/65628/info Rhino is prone to a cross-site scripting vulnerability and security-bypass vulnerability . An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site,...