SUSE CVE-2009-1175

Cross-site scripting XSS vulnerability in apps/web/vsdiag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message...

CVE-2009-1175

CVE-2009-1175 is a cross-site scripting vulnerability in Banshee's DAAP extension (version 1.4.2) affecting apps/web/vs_diag.cgi where the server parameter is not properly handled in error messages. This allows remote script/HTML injection. Exploitation details are not provided in the supplied do...

Zeus Admin vs_diag.cgi XSS

The remote host is running the Zeus WebServer. There is a vulnerability in the CGI 'vsdiag.cgi' that may allow an attacker to gain administrative access on that server. To exploit this flaw, the attacker would need to lure the administrator of this server to click on a rogue link. %NASLMINLEVEL...

Another ZEUS Server web admin XSS!

Hi, another XSS, now on the ZEUS web admin interface. The tested software is Zeus 4.2r2 webadmin-4.2r2 on Linux x86 This is not the same issue as bid 6144 index.fcgi, now is on "vsdiag.cgi". Exploit is simple: http://target:9090/apps/web/vsdiag.cgi?server=YOURCODE I have read this post:...