5207 matches found
Novell iManager and NetIQ iManager Cross-Site Scripting Vulnerabilities
NetIQ iManager is a WEB-based application from NetIQ, Inc. that allows you to use wireless devices to manage and configure eDirectory objects. novell iManager is a WEB-based application from Novell, Inc. that allows you to use wireless devices to manage and configure novell eDirectory objects. A...
Nagios Cross-Site Scripting Vulnerability
Nagios is a free and open source computer software application for monitoring systems, networks and infrastructure. Nagios suffers from a cross-site scripting vulnerability. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Tenable Log Correlation Engine Cross-Site Scripting Vulnerability
Tenable Log Correlation Engine a.k.a. LCE is a log correlation engine that provides log analysis and event monitoring from Tenable Network Security. A cross-site scripting vulnerability exists in versions of Tenable LCE prior to 4.8.1. A remote attacker can exploit this vulnerability to execute...
phpMyAdmin cross-site scripting vulnerability (CNVD-2016-01426)
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in...
Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2016-01055)
Cisco Unity Connection UC is a voice messaging platform from Cisco. The platform can use voice commands to make calls or listen to messages in a "hands-free" way. A cross-site scripting vulnerability exists in Cisco UC version 11.5 0.199. A remote attacker can exploit this vulnerability to inject...
Multiple Buffalo Products Cross-Site Scripting Vulnerabilities
Buffalo is the wireless router product of the Buffalo Group. A cross-site scripting vulnerability exists in multiple Buffalo products. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
CVE-2016-1912
Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the 1 lastname, 2 firstname, 3 email, 4 job, or 5 signature parameter to htdocs/user/card.php...
Multiple GE Switches Cross-Site Scripting Vulnerability
GE Multilink ML800 and others are Ethernet switch products from General Electric GE. A cross-site scripting vulnerability exists in multiple GE switches. A remote attacker can exploit the vulnerability to inject arbitrary web script or HTML...
Multiple Cisco FireSight Management Center Cross-Site Scripting Vulnerabilities
Cisco FireSight Management Center is a holistic visibility security management platform from Cisco. This security management console and data repository product provides centralized event and policy management to enable secure operations. A cross-site scripting vulnerability exists in multiple...
Cross site scripting
Cross-site scripting XSS vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2957
Cross-site scripting XSS vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...
ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...
PHP Web Scripts Ad Manager Pro 2.0 Advertiser_statistic.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15847/info Ad Manager Pro is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...
PHP Web Scripts Easy Banner Functions.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20295/info Easy Banner is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...
Google Chrome Multiple Vulnerabilities - 01 (Jun 2014) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2013-2149
Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to shared files...
CVE-2013-6320
CVE-2013-6320 is an XSS vulnerability affecting IBM Algo One as used in MetaData Management Tools (UDS 4.7.0–5.0.0), and in Algo Security Access Control Management (ACSWeb in Algo) (4.7.0–4.9.0) and AlgoWebApps (5.0.0). The underlying issue is a cross-site scripting flaw that allows remote authen...
CVE-2014-1965
CVE-2014-1965 is an XSS vulnerability in the ISpeakAdapter of SAP Exchange Infrastructure (BC-XI) Integration Repository. Affected: SAP NetWeaver components 3.0, 7.00–7.02, and 7.10–7.11. Description: remote attackers could inject arbitrary web script/HTML via PIP vectors. Impact: potential brows...
Cross site scripting
Cross-site scripting XSS vulnerability in Coursemill Learning Management System LMS 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...