406 matches found
[SECURITY] Fedora 21 Update: phpMyAdmin-4.3.11.1-1.fc21
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
CVE-2014-8110
Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
PT-2015-4003 · Apache · Apache Activemq
Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ versions prior to 5.10.1. Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the web-based administration console. These vulnerabilities allow remote attackers to inject arbitrary web script or...
ovirt-engine-webadmin: HttpOnly flag is not included when the session ID is set
It was found that the oVirt web admin interface did not include the HttpOnly flag when setting session IDs with the Set-Cookie header. This flaw could make it easier for a remote attacker to hijack an oVirt web admin session by leveraging a cross-site scripting (XSS) vulnerability...
Updated znc package fixes CVE-2014-9403
Updated znc packages fix security vulnerability: Adding an already existing channel to a user/network via web admin in ZNC causes a crash if the channel name isn't prefixed with '#' (CVE-2014-9403)...
DEBIAN-CVE-2014-9403
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading character, related to a...
LG Electronics mobile access routers lack access restrictions
Overview: LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface. Taiga Asano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An attacke...
CVE-2014-0152
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
Session fixation
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2014-0152
CVE-2014-0152 affects oVirt Web Admin Interface (3.4.0 and earlier). Root cause: after authentication, a new session ID is not generated and session IDs may be stored in HTML5 local storage, not protected by same-origin policy. This enables a remote attacker to hijack a logged-in user’s session v...
PT-2014-3504 · Ovirt · Ovirt
Name of the Vulnerable Software and Affected Versions: oVirt versions 3.4.0 and earlier. Description: A session fixation issue in the web admin interface allows remote attackers to hijack web sessions. Recommendations: For versions 3.4.0 and earlier, update to a version later than 3.4.0 to resolve...
CMS MAXSITE <= 1.10 (category) Remote SQL Injection Vulnerability
No description provided by source. CMS MAXSITE Remote SQL Injection Exploit = 1.10 + Author: Tesz @ THD + Home: http://www.thaishadow.com + Forum: http://www.thaishadow.com/board/index.php + Download: http://maxsite.geniuscyber.com/index.php?name=index + Dork: MAXSITE or intitle:MAXSITE + Exploit...
McAfee Email Gateway - Web Administration Broken Access Control
No description provided by source...
ovirt-engine-webadmin: session fixation
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
Quantum vmPRO Web Administration Interface Detection
Binary data quantumvmprodetect.nbin...
Cisco WAAS Mobile Server Web Administration Interface Detection
Binary data ciscowaasmobilehttpdetect.nbin...
web_admin_tools /yb/yb.php Code Execution Vulnerability
No description provided by source...
MongoDB Web Interface Detection
The remote web server is running the MongoDB Web Admin Interface. This interface lists information of interest to administrators of MongoDB, a document-oriented database system. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(65915); script_version("1.6");...
Cyberoam Admin Console Detection
Cyberoam UTM's web admin console is running on the remote host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(61446); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/09/14"); script_name(english:"Cyberoam Admin Console Detection");...