24 matches found
EUVD-2012-0321
Malware in sbrugna...
EUVD-2012-0322
Malware in sbrugna...
EUVD-2012-4295
Malware in sbrugna...
EUVD-2012-0935
Malware in sbrugna...
CVE-2012-0912
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-4352
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to 1 community/blog.jsp or 2 community/blogSearch.jsp, the 3 calendarType or 4 monthNumber parameter to...
CVE-2012-0285
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0286
Cross-site request forgery CSRF vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts...
Stoneware webNetwork Multiple Cross-Site Scripting Vulnerabilities
Stoneware webNetwork is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stoneware webNetwork Multiple Cross-Site Scripting Vulnerabilities
This host is installed with Stoneware webNetwork and is prone to multiple cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbstonewarewebnetworkmultxssvuln.nasl 7254 2017-09-25 15:54:28Z cfischer $ Stoneware webNetwork Multiple Cross-Site Scripting Vulnerabilities Authors: Ar...
CVE-2012-4352
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to 1 community/blog.jsp or 2 community/blogSearch.jsp, the 3 calendarType or 4 monthNumber parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to 1 community/blog.jsp or 2 community/blogSearch.jsp, the 3 calendarType or 4 monthNumber parameter to...
CVE-2012-4352
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to 1 community/blog.jsp or 2 community/blogSearch.jsp, the 3 calendarType or 4 monthNumber parameter to...
CVE-2012-4352
Stoneware webNetwork 6.1 before SP1 is affected by multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary web script or HTML through parameters such as blogName (used by community/blog.jsp and community/blogSearch.jsp), calendar.jsp parameters (c...
CVE-2012-0912
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-0286
Cross-site request forgery CSRF vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts...
Sql injection
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0285
Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0286
Cross-site request forgery CSRF vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts...