12 matches found
EUVD-2014-2997
Malware in sbrugna...
EUVD-2014-2996
Malware in sbrugna...
Silver Peak VX < 6.2.4 XSS
The Silver Peak VX install hosted on the remote web server is affected by a cross-site scripting XSS vulnerability in the 'userid' parameter of the '/php/useraccount.php' script. An attacker can leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed with...
Silver Peak VX Default Credentials
The remote web server hosts a Silver Peak VX installation that uses default credentials for the 'admin' account. A remote attacker can exploit this to gain administrative access to the application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
CVE-2014-2974
Cross-site request forgery CSRF vulnerability in php/useraccount.php in Silver Peak VX through 6.2.4 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts...
CVE-2014-2975
Cross-site scripting XSS vulnerability in php/useraccount.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in php/useraccount.php in Silver Peak VX through 6.2.4 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts...
Cross site scripting
Cross-site scripting XSS vulnerability in php/useraccount.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
CVE-2014-2975
Cross-site scripting XSS vulnerability in php/useraccount.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
CVE-2014-2975
Silver Peak VX prior to version 6.2.4 is affected by a reflected cross-site scripting (XSS) vulnerability in the /php/user_account.php module where the user_id parameter can inject arbitrary HTML/script into a user’s browser. Exploitation could arise from crafted input, as noted across CVE-2014-2...
CVE-2014-2974
The CVE-2014-2974 issue affects Silver Peak VX prior to a fixed release. A CSRF in /php/user_account.php allows an unauthenticated user to cause administrative accounts to be created, enabling an attacker to hijack administrator sessions/privileges. Affected product: Silver Peak VX (versions up t...
Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting
Overview Silver Peak VX version 6.2.2.047968 is vulnerable to cross-site request forgery and cross-site scripting. Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2014-2974Silver Peak VX version 6.2.2.047968 contains a cross-site request forgery vulnerability in /php/useraccount.php...