6665 matches found
ntop - arbfile Cross-Site Scripting
ntop - arbfile Cross-Site Scripting source: https://www.securityfocus.com/bid/54792/info ntop is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage...
Kaspersky Password Manager - Filter Bypass Vulnerability
Document Title: =============== Kaspersky Password Manager - Filter Bypass Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=674 Download: http://www.vulnerability-lab.com/resources/videos/674.wmv View: http://www.youtube.com/watch?v=8D86ic9opYE Advisory:...
Multiple vulnerabilities in jCore
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in jCore, which can be exploited to perform Cross-Site Scripting XSS and SQL Injection attacks. 1 SQL Injection in jCore: CVE-2012-4232 1.1 Input passed via the "memberloginid" COOKIE parameter to /admin/index.php is not...
Barracuda Application Validation Filter Bypass
Title: ====== Barracuda Appliances - Validation Filter Bypass Vulnerability Date: ===== 2012-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=661 VL-ID: ===== 661 Common Vulnerability Scoring System: ==================================== 5.5 Abstract: ========= The...
Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/54757/info Distimo Monitor is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...
Dr. Web Control Center 6.00.3.201111300 Cross Site Scripting
Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting
Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...
DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/54733/info DataWatch Monarch Business Intelligence is prone to multiple input validation vulnerabilities. Successful exploits will allow an attacker to manipulate the XPath query logic to carry out unauthorized actions on the XML documents of the...
Temenos T24 R07.03 Cross Site Scripting
TEMENOS T24 R07.03 reflected cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: TEMENOS T24 R07.03 TEMENOS T24 is prone to a reflected cross-site scripting vulnerability because it...
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number:...
Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/54725/info Scrutinizer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
Microsoft Outlook Exchange Server Cross-Site Scripting (MS05-029; CVE-2005-0563)
A cross-site scripting vulnerability has been reported in the Outlook Web Access component of Exchange Server 5.5. The flaw is caused due to insufficient sanitization of specially crafted email messages. A remote attacker can leverage this flaw to inject and execute script code in the security...
JW Player - 'playerready' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54739/info JW Player is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
JW Player - playerready Cross-Site Scripting
JW Player - playerready Cross-Site Scripting source: https://www.securityfocus.com/bid/54739/info JW Player is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
rdtax.myeg.com.my Cross Site Scripting
Exploit Title: rdtax.myeg.com.my XSS Vulnerability Date: 27/07/2012 Author: Ryuzaki Lawlet Web/Blog: http://justryuz.blogspot.com Category: webapps Security:RISK: normal Vendor or Software Link: Google dork: - Tested on: Linux Exploit/p0c : http://localhost:80/path/path/chooseIns.jsp?agent= Proof...
REDAXO 'subpage' Parameter Cross Site Scripting Vulnerability
REDAXO 'subpage' Parameter Cross Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/54670/info REDAXO is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issu...
WebKit Cross-Site Scripting Filter - Cross-Site ScriptingAuditor.cpp Security Bypass
WebKit Cross-Site Scripting Filter - Cross-Site ScriptingAuditor.cpp Security Bypass source: https://www.securityfocus.com/bid/56570/info WebKit is prone to a security-bypass vulnerability. An attacker can exploit this vulnerability to bypass the cross-site scripting filter mechanism. Successful...
Novell GroupWise WebAccess User.interface XSS
The version of Novell GroupWise WebAccess hosted on the remote web server has a cross-site scripting vulnerability. This vulnerability is present when files are retrieved by passing a directory traversal string to the User.interface parameter. An attacker could exploit this by tricking a user int...
FreeBSD : Dokuwiki -- XSS vulnerability (2fe4b57f-d110-11e1-ac76-10bf48230856)
Secunia Research reports : Secunia Research has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the 'ns' POST parameter in lib/exe/ajax.php when 'call' is set to 'medialist' and 'do' is set to 'media' is n...