95 matches found
Spiceworks 6.0.00993 Cross Site Scripting
!-- Title: Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities Vendor: Spiceworks Inc. Product web page: http://www.spiceworks.com Affected version: 6.0.00993 and 6.0.00966 Summary: The Spiceworks IT Desktop delivers nearly everything you need to simplify your IT job. Available in a...
Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities
Summary The Spiceworks IT Desktop delivers nearly everything you need to simplify your IT job. Available in a variety of languages, Spiceworks' single, easy-to-use interface combines Network Inventory, Help Desk, Mapping, Reporting, Monitoring and Troubleshooting. And, it connects you with other ...
Spiceworks Client Version Detection
Binary data 6567.prm...
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting (Authenticated) SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting Authenticated SQL Injection Product: SpiceWorks Version: 5.3.75941 Vendor Site: http://www.spiceworks.com/community/ Software Download Link:...
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / (Authenticated) SQL Injection
Product: SpiceWorks Version: 5.3.75941 Vendor Site: http://www.spiceworks.com/community/ Software Download Link: http://www.spiceworks.com/download/?utmsource=comm-secondary-link&utmmedium=website&utmcampaign=homepage Installer Filename: Spiceworks.exe MD5: 023bd361c0f9402dc07adbc5a72fe31d Contac...
Spiceworks 3.6.31847 XSS / XSRF
nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-009 - Spiceworks Multiple Vulnerabilities XSS & CSRF Application: Spiceworks 3.6.31847 Vendor: Spiceworks Vendor website: http://www.spiceworks.com Author: Adam Baldwin [email protected] Class: XSS, CSRF I...
Spiceworks HTTP Response Accept Header Handling Overflow DoS
The remote host is running Spiceworks IT Desktop, an application used to inventory, monitor, manage and report on software and hardware assets in small and medium-sized businesses. The installed version of Spiceworks is earlier than 4.0. Such versions are reportedly affected by a buffer overflow...
Spiceworks 3.6 Overflow
!/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII "AAAAAAAAAAAAAAAAAA" edi 000334E0 ASCII...
[NGENUITY] - Spiceworks Multiple Vulnerabilities (XSS & CSRF)
nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-009 - Spiceworks Multiple Vulnerabilities XSS & CSRF Application: Spiceworks 3.6.31847 Vendor: Spiceworks Vendor website: http://www.spiceworks.com Author: Adam Baldwin [email protected] Class: XSS, CSRF I...
SpiceWorks - query Cross-Site Scripting
SpiceWorks - query Cross-Site Scripting source: https://www.securityfocus.com/bid/43248/info Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
SpiceWorks - 'query' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43248/info Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Spiceworks 3.6 Accept Parameter Overflow Crash Exploit
Exploit for unknown platform in category dos / poc ====================================================== Spiceworks 3.6 Accept Parameter Overflow Crash Exploit ====================================================== !/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C...
SpiceWorks 3.6 - Accept Overflow Crash
SpiceWorks 3.6 - Accept Overflow Crash !/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII...
Spiceworks 3.6 Accept Parameter Overflow Crash Exploit
No description provided by source. !/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII...
SpiceWorks 3.6 - 'Accept' Overflow Crash
!/usr/bin/python Spiceworks 3.6 Accept Parameter Overflow Remote Crash P.O.C. Written by: SecureState R&D Author: David Kennedy ReL1K Tested on Windows 2003 SP2 R2 Vendor Notified on: 05/11/2009 Vendor Fix: Fixed in version 4.0 esi 000334E0 ASCII "AAAAAAAAAAAAAAAAAA" edi 000334E0 ASCII...