EmploLeaks - Finding Leaked Employees Info for the Win

Developed by Faraday security researchers, this cutting-edge tool utilizes the power of OpenSource Intelligence techniques. EmploLeaks extracts valuable insights by scouring various platforms, to compile a comprehensive list of employees associated with a given company and cross-reference these...

GHSA-29GQ-H27W-54QF Jenkins VS Team Services Continuous Deployment Plugin stores credentials in plain text

Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

Jenkins VS Team Services Continuous Deployment Plugin stores credentials in plain text

Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

CloudBees Jenkins VS Team Services Continuous Deployment Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . VS Team Services Continuous Deployment Plugin...

Design/Logic Flaw

Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-1003073

The CVE-2019-1003073 entry concerns Jenkins VS Team Services Continuous Deployment Plugin. According to the provided documents, credentials are stored unencrypted in job config.xml files on the Jenkins master/controller. This allows exposure to users with Extended Read permission or anyone with a...

CVE-2019-1003073

Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

Microsoft FrontPage Server Extensions Cross Site Scripting (MS06-017: CVE-2006-0015)

A Cross Site Scripting vulnerability exists in Microsoft FrontPage Server Extensions and Microsoft SharePoint Team Services. The vulnerability is caused as a result of the failure of these products to properly validate certain CGI parameters passed to them. This vulnerability allows arbitrary HTM...

Microsoft SharePoint Cross Site Scripting Vulnerability

This host is running Microsoft SharePoint Server and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmssharepointxssvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft SharePoint Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 20...

Microsoft SharePoint <= 12.0.0.6421 XSS Vulnerability

Microsoft SharePoint Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only nb: While onl...

Code injection

The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to layouts/download.aspx...

CVE-2009-3830

CVE-2009-3830 affects Microsoft SharePoint Server 2007 Team Services (versions 12.0.0.4518 and 12.0.0.6219). The vulnerability arises in the download functionality (_layouts/download.aspx) where pathnames supplied via SourceUrl/Source allow disclosure of ASP.NET source code. Impact is information...

Microsoft SharePoint团队协作服务下载功能源代码信息泄漏漏洞

Bugraq ID: 36817 Microsoft SharePoint Server是一款服务器功能集成套件，提供全面的内容管理和企业搜索、加速共享业务流程并便利跨界限信息共享。 Microsoft SharePoint团队协作服务Team Services的下载功能存在漏洞，可导致泄漏ASP.NET文件源代码。 SharePoint Team Services存储各种文件到它的后端数据库中，这些文件包含站点模板，定制ASP.NET页和用于上传到文档库的应用脚本。...

FreeBSD Ports: frontpage -- cross site scripting vulnerability

The remote host is missing an update to the system as announced in the referenced advisory. VID c0171f59-ea8a-11da-be02-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Microsoft FrontPage Server Extensions跨站脚本漏洞（MS06-017)

FrontPage Server Extensions为FrontPage服务扩展，与IIS一起使用可以方便的支持管理、创建以及浏览FrontPage扩展的网站。 FrontPage Server Extensions对HTML页面的处理存在输入验证漏洞，远程攻击者可能在客户机器上执行任意脚本代码。 FrontPage Server Extensions的fpadmdll.dll中的一些参数没有正确的过滤返回给用户的特定输入，导致跨站脚本问题，可能允许攻击者以当前会话权限以客户机的浏览器中执行恶意脚本代码，利用这个漏洞必须用户交互。...

Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting

Argeniss Security Advisory Name: Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting MS06-17 Affected Software: Microsoft FrontPage Server Extensions 2002 and Microsoft SharePoint Team Services Severity: Medium Remote exploitable: Yes User intervention required...

Cross site scripting

Cross-site scripting XSS vulnerability in vtibin/vtiadm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the 1...

CVE-2006-0015

Cross-site scripting XSS vulnerability in vtibin/vtiadm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the 1...

CVE-2006-0015

The CVE-2006-0015 entry describes a cross-site scripting (XSS) vulnerability in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services via the /_vti_bin/_vti_adm/fpadmdll.dll page. The root cause is improper sanitization of CGI parameters (operation, command, name), allowing remo...

Microsoft Security Bulletin MS05-006

Microsoft Security Bulletin MS05-006 Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks 887981 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows SharePoint...