6 matches found
EUVD-2017-18291
Malware in sbrugna...
CVE-2018-7669
An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a...
CVE-2017-9356
Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI...
CVE-2017-9356
The CVE-2017-9356 entry concerns Sitecore.NET versions 7.1–7.2 with a Cross-Site Scripting (XSS) vulnerability in the searchStr parameter of the /Search-Results URI. The root cause is failure to sanitize user-supplied input to the searchStr parameter, enabling an attacker to inject script that ru...
sitecore.net XSS vulnerability
Vulnerable URL: http://www.sitecore.net/search?q=sdsd%3C!%27%2F!%22%2F!%5C%27%2F%5C%22%2F--!%3E%3C%2FTitle%2F%3C%2FScript%2F%3E%3CInput%2FAutofocus%2F%0D%2FOnfocus%3Dconfirm%60OPENBUGBOUNTY%60%2F%2F%3E%3Csvg%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017...
[InterN0T] SiteCore.NET 6.0.0 - XSS Vulnerability
SiteCore.NET - Cross Site Scripting Vulnerability Version Affected: 6.0.0 rev. 090120 We were unable to find out if this is the newest version or not. Info: It's an overpriced CMS for companies running IIS. Credits: InterN0T External Links: http://sitecore.net/ -:: The Advisory ::- Vulnerable...