31 matches found
EUVD-2006-3970
Malware in sbrugna...
EUVD-2006-3969
Malware in sbrugna...
EUVD-2006-3968
Malware in sbrugna...
CVE-2024-57278
A reflected Cross-Site Scripting XSS vulnerability exists in /webscan/sqlmap/index.html in QingScan =v1.8.0. The vulnerability is caused by improper input sanitization of the query parameter, allowing an attacker to inject malicious JavaScript payloads. When a victim accesses a crafted URL...
QingScan 安全漏洞
QingScan is a batch vulnerability mining tool by a Chinese daxia individual developer. It is used to glue various good scanners. QingScan v1.8.0 version before the existence of a security vulnerability , the vulnerability stems from /webscan/sqlmap/index.html contains a reflective cross-site...
vulscan
This is a Python-based web application for vulnerability scanning and management. The application is built using the Django framework and includes various features such as: 1. Vulnerability Scanning: The application can scan for vulnerabilities in web applications using a variety of plugins POCs...
PHPYUN最新版Webscan绕过注入四处(可修改任意字段值)
简要描述: PHPYUN最新版Webscan绕过注入四处可修改任意字段值 详细说明: 漏洞参考: WooYun: PHPYUN最新版Webscan绕过注入四处可遍历全站信息,无需登录 看看 站点是怎么修补的: function FormatValues$Values $ValuesStr=''; foreach$Values as $k=$v ifpregmatch"/^a-zA-Z0-9+$/",$k ifpregmatch'/^0-9+$/', $k $ValuesStr.=','.$v; else $ValuesStr.=','.$k.'=''.$v.'''; return...
PHPYUN绕过Webscan向主页推送XSS招聘信息
简要描述: PHPYUN绕过Webscan向主页推送XSS招聘信息 详细说明: api/locoy/model/news.class.php: class newscontroller extends common function addnewsaction//新闻添加 include"locoyconfig.php"; if$locoyinfo'locoyonline'!=1 echo 4;die; if$locoyinfo'locoykey'!=trim$GET'key' echo 5;die; if!$POST'title' || !$POST'content' ||...
PHPYUN最新版Webscan绕过注入四处(可遍历全站信息,无需登录)
简要描述: PHPYUN最新版Webscan绕过注入两处可遍历全站信息,无需登录 详细说明: 首先看问题文件: tiny/index.class.php: class indexcontroller extends common function indexaction sessionstart; if$this-config'sywjlweb'=="2" header"location:".Url'error'; if$GET'keyword'=='请输入简历关键字,例如:会计' $GET'keyword'=''; $M=$this-MODEL'tiny'; $ip = funipge...
cmseasy最新版 一枚注入
简要描述: 可惜没绕过360webscan其实是轻松绕过的 详细说明: cmseasy最新版0318 存在一个注入 漏洞文件:/lib/default/archiveact.php 250-251行: function searchaction //printr$SESSION;exit; if front::get'ule' front::$get'keyword' = strreplace'-', '%', front::$get'keyword'; front::$get'keyword' = urldecodefront::$get'keyword'; if...
Code injection
The webscan component in the Embedded Web Server EWS on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to read documents on the scan surface via unspecified vectors...
CVE-2011-1531
The CVE-2011-1531 issue affects the webscan component of the Embedded Web Server (EWS) in HP Photosmart D110/B110, Plus B210, Premium C310/Fax All-in-One/C510, and ENVY 100 D410 printers. The vulnerability allows remote attackers to read documents on the scan surface via unspecified vectors. Root...
Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities
This host is installed with CA PSFormX or WebScan ActiveX controls and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbcaactivexmultcodeexecvuln.nasl 5364 2017-02-20 13:26:07Z cfi $ Computer Associates WebScan ActiveX Control Multiple Remote Code...
Computer Associates WebScan ActiveX Control Multiple RCE Vulnerabilities
CA PSFormX or WebScan ActiveX controls is prone to multiple remote code execution vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2010-2193
CA PSFormX and WebScan ActiveX controls are affected by CVE-2010-2193, with multiple reported remote code execution vulnerabilities caused by input verification weaknesses. The CVE is associated with CA Global Advisor-distributed controls, which CA retired in May 2009. OpenVAS/NESSUS entries desc...
CA20100608-01: Security Notice for CA PSFormX and WebScan ActiveX Controls
-----BEGIN PGP SIGNED MESSAGE----- CA20100608-01: Security Notice for CA PSFormX and WebScan ActiveX Controls Issued: June 8, 2010 CA Technologies support is alerting users to multiple security risks with the PSFormX and WebScan ActiveX controls previously available from the CA Global Security...
TSRT-06-06: Computer Associates eTrust AntiVirus WebScan Manifest Processing Buffer Overflow Vulnerability
TSRT-06-06: Computer Associates eTrust AntiVirus WebScan Manifest Processing Buffer Overflow Vulnerability http://www.tippingpoint.com/security/advisories/TSRT-06-06.html August 7, 2006 -- CVE ID: CVE-2006-3975 -- Affected Vendor: Computer Associates -- Affected Products: eTrust AntiVirus WebScan...
TSRT-06-05: Computer Associates eTrust AntiVirus WebScan Automatic Update Code Execution Vulnerability
TSRT-06-05: Computer Associates eTrust AntiVirus WebScan Automatic Update Code Execution Vulnerability http://www.tippingpoint.com/security/advisories/TSRT-06-05.html August 7, 2006 -- CVE ID: CVE-2006-3976 CVE-2006-3977 -- Affected Vendor: Computer Associates -- Affected Products: eTrust AntiVir...
CA eTrust Antivirus WebScan ActiveX element buffer overflow
Buffer overflow in "WScanCtl Class" ActiveX object installed during free online antiviral check...
CAID 34509 - CA eTrust Antivirus WebScan vulnerabilities
Title: CA eTrust Antivirus WebScan vulnerabilities CA Vulnerability ID CAID: 34509 CA Advisory Date: 2006-08-03 Discovered By: Matt Murphy of the TippingPoint Security Research Team Impact: Remote attacker can execute arbitrary code. Summary: Ca eTrust Antivirus WebScan is a free, web-based virus...