26 matches found
EUVD-2013-3672
Malware in sbrugna...
K44164245: XSS vulnerability CVE-2013-2618
Security Advisory Description Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter. CVE-2013-2618 Impact There is no impact; F5 products are not affected by this...
VulnCheck KEV: CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...
VulnCheck KEV: CVE-2013-3739
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. dot dot in the mapname parameter in a showconfig action...
Network Weathermap Persistent Cross-Site Scripting (CVE-2013-2618)
A cross-site scripting vulnerability has been reported in Network Weathermap. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
CactiEZ_weathermap插件任意文件写入
No description provided by source...
CactiEZ plugin weathermap arbitrary file write vulnerability
Cacti is a set of PHP, MySQL, SNMP and RRDTool based on the development of graphical analysis of network traffic monitoring tools.Weathermap is cacti in one of the most used plug-ins , you can use it to draw a network topology map . The CactiEZ plugin weathermap has an arbitrary file write...
Weathermap 0.97c (editor.php, mapname param) - Local File Inclusion
No description provided by source...
Network Weathermap 0.97a (editor.php) - Persistent XSS
No description provided by source. Network Weathermap 0.97a - Persistent XSS Earlier versions are also possibly vulnerable. INFORMATION Product: Network Weathermap 0.97a Remote-exploit: yes Vendor-URL: http://www.network-weathermap.com/ Discovered by: Daniel Ricardo dos Santos CVE Request -...
CVE-2013-3739
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. dot dot in the mapname parameter in a showconfig action...
CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...
Directory traversal
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. dot dot in the mapname parameter in a showconfig action...
Cross site scripting
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...
CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...
CVE-2013-3739
CVE-2013-3739 concerns a Local File Inclusion in Network Weathermap
CVE-2013-2618
CVE-2013-2618 affects Network Weathermap: an XSS in editor.php where the map_title parameter can inject arbitrary script/HTML. Vulnerable in versions before 0.97b; remote exploitation reported (e.g., exploit-db). Impact is persistent DOM/script injection as described in multiple advisories; remed...
CVE-2013-3739
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. dot dot in the mapname parameter in a showconfig action...
CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2013-3739 Local File Inclusion in Weathermap <= 0.97C
============================================= WEBERA ALERT ADVISORY 01 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request - 03/06/2013 - CVE Assign - 03/06/2013 - CVE Number - CVE-2013-3739 - Vendor notification - 03/06/2013 - Vendor reply - No reply - Public disclosure - 10/06/201...
Weathermap 0.97c (editor.php, mapname param) - Local File Inclusion
Exploit for php platform in category web applications I. VULNERABILITY ------------------------- Local File Inclusion in Weathermap = 0.97C II. BACKGROUND ------------------------- Network Weathermap is a network visualisation tool, to take data you already have and show you an overview of your...