EUVD-2004-1693

Malware in sbrugna...

EUVD-2004-1694

Malware in sbrugna...

Pinnacle Systems ShowCenter 1.51 SettingsBase.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11415/info Pinnacle Systems ShowCenter is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote...

Pinnacle ShowCenter 1.51 Web Interface Skin Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11232/info The Pinnacle Systems ShowCenter web-based interface is reported prone to a remote denial of service vulnerability. The issue exists due to a lack of sanity checks performed on the Skin parameter of a ShowCenter...

Pinnacle ShowCenter Skin XSS

The remote host runs the Pinnacle ShowCenter web based interface. The remote version of this software is vulnerable to cross-site scripting attack due to a lack of sanity checks on skin parameter in the SettingsBase.php script. With a specially crafted URL, an attacker can cause arbitrary code...

Pinnacle ShowCenter Skin DoS

The remote host runs the Pinnacle ShowCenter web based interface. The remote version of this software is vulnerable to a remote denial of service due to a lack of sanity checks on skin parameter. With a specially crafted URL, an attacker can deny service of the ShowCenter web based interface...

Pinnacle ShowCenter Skin XSS

The remote host runs the Pinnacle ShowCenter web based interface. The remote version of this software is vulnerable to cross-site scripting attack due to a lack of sanity checks on skin parameter in the SettingsBase.php script. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions...

Pinnacle ShowCenter Skin DoS

The remote host runs the Pinnacle ShowCenter web based interface. The remote version of this software is vulnerable to a remote denial of service due to a lack of sanity checks on skin parameter. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenc...

CVE-2004-1700

The CVE-2004-1700 entry affects Pinnacle ShowCenter (web interface), specifically the skin parameter handling in SettingsBase.php. The root cause is insufficient input validation for the Skin parameter, enabling cross-site scripting (XSS) and, per OpenVAS, potentially arbitrary code execution wit...

CVE-2004-1699

The CVE-2004-1699 entry concerns Pinnacle ShowCenter (version 1.51) where SettingsBase.php is vulnerable to a remote denial of service caused by an invalid Skin parameter. OpenVAS/Nessus reports that a specially crafted request to the web interface can trigger errors and deny service, indicating ...

CVE-2004-1699

SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service web interface errors via an invalid Skin parameter...

CVE-2004-1700

Cross-site scripting XSS vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message...

Pinnacle ShowCenter SettingsBase.php Skin Parameter XSS

The remote host runs the Pinnacle ShowCenter web-based interface. The remote version of this software is vulnerable to cross-site scripting attack due to a lack of sanity checks on skin parameter in the SettingsBase.php script. With a specially crafted URL, an attacker can cause arbitrary code...

[SA12613] Pinnacle ShowCenter Skin File Cross-Site Scripting Vulnerability

TITLE: Pinnacle ShowCenter Skin File Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12613 VERIFY ADVISORY: http://secunia.com/advisories/12613/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Pinnacle ShowCenter 1.x http://secunia.com/product/3938/...

CVE-2004-1700

Cross-site scripting XSS vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message...

Pinnacle Systems ShowCenter 1.51 - SettingsBase.php Cross-Site Scripting

Pinnacle Systems ShowCenter 1.51 - SettingsBase.php Cross-Site Scripting source: https://www.securityfocus.com/bid/11415/info Pinnacle Systems ShowCenter is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI...

Pinnacle Systems ShowCenter 1.51 - 'SettingsBase.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11415/info Pinnacle Systems ShowCenter is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious URI...

Pinnacle ShowCenter Skin DoS

The remote host runs the Pinnacle ShowCenter web-based interface. The remote version of this software is vulnerable to a remote denial of service due to a lack of sanity checks on skin parameter. With a specially crafted URL, an attacker can deny service of the ShowCenter web-based interface...

Pinnacle ShowCenter DoS

Web interface DoS with non-existant skin...

Pinnacle ShowCenter Skin Denial of Service

Dear ladies and gentlemen, I am a proud user of the Pinnacle ShowCenter 1.51. When I was playing around with the system, it seems I have found a denial of service attack against the web interface. First I did manually a HTTP GET request that selects a non-existent skin:...