7T Interactive Graphical SCADA System dc.exe Directory Traversal

Added: 06/03/2011 CVE: CVE-2011-1566 BID: 46936 OSVDB: 72349 Background 7-Technologies Interactive Graphical SCADA System IGSS is a Supervisory Control and Data Acquisition SCADA solution used mainly in Denmark and the US. Problem An input validation error in the Data Collector service dc.exe whe...

Post Revolution 0.8.0c Multiple Remote Vulnerabilities

info ——————————— Name : Post Revolution 0.8.0c Multiple Remote Vulnerabilities Class: Design Error && Input Validation Error CVE: CVE-2011-1952, CVE-2011-1953, CVE-2011-1954 Remote: Yes Local: No Credit : Javier Bassi javierbassi at gmail dot com Vulnerable : All versions prior to and including...

XtreamerPRO Media Server 'dir' Parameter Multiple Directory Traversal Vulnerabilities

XtreamerPRO Media Server is prone to multiple directory traversal vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

IBM DB2 Multiple Security Bypass Vulnerabilities (May-11)

The host is running IBM DB2 and is prone to multiple security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2multsecbypassvuln.nasl 7585 2017-10-26 15:03:01Z cfischer $ IBM DB2 Multiple Security Bypass Vulnerabilities May-11 Authors: Antu Sanadi Copyright: Copyright c 2011...

IBM Db2 Multiple Security Bypass Vulnerabilities (May 2011)

IBM Db2 is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2";...

XOOPS 'imagemanager.php' Local File Inclusion Vulnerability

XOOPS is prone to local file inclusion vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xoops:xoops"; ifdescription...

OrangeHRM 'PluginController.php' Local File Inclusion Vulnerability

This host is running with OrangeHRM and is prone to local file inclusion vulnerability. OpenVAS Vulnerability Test $Id: secpodorangehrmlfivuln.nasl 7577 2017-10-26 10:41:56Z cfischer $ OrangeHRM 'PluginController.php' Local File Inclusion Vulnerability Authors: Madhuri D Copyright: Copyright c 20...

WordPress Inline Gallery 'do' Parameter Cross-site Scripting Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

OrangeHRM <= 2.6.3 'PluginController.php' LFI Vulnerability - Active Check

OrangeHRM is prone to local file inclusion vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:orangehrm:orangehrm";...

OpenVAS Manager OMP Request Handling Command Injection Vulnerability

This host is installed with OpenVAS Manager and is prone command injection vulnerability. OpenVAS Vulnerability Test $Id: gbopenvasmanagercommandexecvuln.nasl 7823 2017-11-20 08:54:04Z cfischer $ OpenVAS Manager OMP Request Handling Command Injection Vulnerability Authors: Antu Sanadi Copyright c...

WordPress OPS Old Post Spinner Plugin 'ops_file' Parameter Directory Traversal Vulnerability

WordPress OPS Old Post Spinner Plugin is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenVAS Manager OMP Request Handling Command Injection Vulnerability

OpenVAS Manager is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Multiple Vulnerabilities in PHPDug

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHPDug which could be exploited to perform cross-site scripting, cross-site request forgery attacks. 1 Cross-site scripting vulnerabilities in PHPDug 1.1 The vulnerability exists due to input sanitation error in...

WordPress WPtouch Plugin < 3.1.1 'wptouch_settings' Parameter XSS Vulnerability - Active Check

The WordPress WPtouch plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VideoLAN VLC Media Player 1.1.8 - ModPlug ReadS3M Stack Buffer Overflow (Metasploit)

$Id: vlcmodplugs3m.rb 12282 2011-04-08 15:48:53Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - March 2011

The host is running IBM WebSphere Application Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmwasmultvulnmar11.nasl 7052 2017-09-04 11:50:51Z teissa $ IBM WebSphere Application Server WAS Multiple Vulnerabilities - March 2011 Authors: Sooraj KS Copyright:...

WordPress Processing Embed Plugin 'pluginurl' Parameter Cross Site Scripting Vulnerability

WordPress Processing Embed Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Kodak InSite <= 6.0 Multiple XSS Vulnerabilities - Active Check

Kodak InSite is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

WordPress IWantOneButton 'post_id' Parameter Cross-site Scripting Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

Kodak InSite Login Page Cross-Site Scripting

Class Input Validation Error CVE Remote Yes Local No Published Feb 14 2011 08:55AM Credit Dionach Vulnerable Kodak InSite 5.5.2 Kodak InSite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execut...