26 matches found
EUVD-2002-0447
Malware in sbrugna...
EUVD-2002-0745
Malware in sbrugna...
TalentSoft Web+ Client/Monitor/server 4.6 Internal IP Address Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/1720/info Talentsoft Web+ is a web application server that can be integrated with various web technologies. A vulnerability exists in one of the CGI applications implemented by Web+. It is possible for a remote user to...
TalentSoft Web+ Shop 5.0 Deptname Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17418/info Web+ Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...
TalentSoft Web+ Client/Monitor/server 4.6 Source Code Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1722/info Talentsoft Web+ is a web application server that can be integrated with various web technologies. Web+ can be used to display the source code of WML files residing on an NTFS parition by appending certain data t...
Cross site scripting
Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...
CVE-2006-1682
Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...
CVE-2006-1682
CVE-2006-1682 describes a cross-site scripting (XSS) vulnerability in webplus.exe within TalentSoft Web+Shop 5.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, potentially involving the webpshop/ department.wml script. The descrip...
TalentSoft Web+ Shop 5.0 - 'Deptname' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17418/info Web+ Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of...
TalentSoft Web+ webplus.exe Path Disclosure
The remote host appears to be running Web+ Application Server. The version of Web+ installed on the remote host reveals the physical path of the application when it receives a script file error. %NASLMINLEVEL 70300 This script was written by David Kyger See the Nessus Scripts License for details...
CVE-2002-0753
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie...
CVE-2002-0449
Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc.exe...
CVE-2002-0753
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie...
CVE-2002-0753
CVE-2002-0753 : Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. The connected documents confirm the vulnerability description but do not provide additional technical details, affected versions beyond 5.0, exploit spe...
CVE-2002-0450
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language wml file name to 1 webplus.dll or 2 webplus.exe...
CVE-2002-0450
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language wml file name to 1 webplus.dll or 2 webplus.exe...
CVE-2002-0449
CVE-2002-0449 affects Talentsoft Web+ up to version 5.0, where a buffer overflow in the Web+ component webpsvc.exe (triggered via a crafted URI in webplus.exe ) allows remote code execution. The vulnerability can execute code with the privileges of the user running webpsvc.exe (often SYSTEM). CER...
Buffer overflow in Talentsoft Web+
Buffer overflows in CGI supplied applications, cookie processing...
Buffer Overrun in Talentsoft's Web+ (#NISR01032002A)
NGSSoftware Insight Security Research Advisory Name: Web+ Buffer Overflow Systems Affected: IIS4/5 on Windows NT/2000 Severity: High Risk Category: Buffer Overrun / Privilage Escalation Vendor URL: http://www.talentsoft.com Author: Mark Litchfield [email protected] Date: 1st March 2002 Advisor...
DST2K0042: Possible to read/execute any file with Talentsoft Web+ Application Server example scripts.
============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 26/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...