20 matches found
EUVD-2009-2934
Malware in sbrugna...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
Debian DSA-1882-1 : xapian-omega - missing input sanitization
It was discovered that xapian-omega, a CGI interface for searching xapian databases, is not properly escaping user-supplied input when printing exceptions. An attacker can use this to conduct cross-site scripting attacks via crafted search queries resulting in an exception and steal potentially...
Debian Security Advisory DSA 1882-1 (xapian-omega)
The remote host is missing an update to xapian-omega announced via advisory DSA 1882-1. OpenVAS Vulnerability Test $Id: deb18821.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1882-1 xapian-omega Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
FreeBSD Ports: xapian-omega
The remote host is missing an update to the system as announced in the referenced advisory. VID b46f3a1e-a052-11de-a649-000c2955660f OpenVAS Vulnerability Test $ Description: Auto generated from VID b46f3a1e-a052-11de-a649-000c2955660f Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD Ports: xapian-omega
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian: Security Advisory (DSA-1882-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
Cross site scripting
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
DEBIAN-CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
CVE-2009-2947
CVE-2009-2947 affects Xapian Omega prior to 1.0.16. The Debian/OSS advisories describe a flaw where xapian-omega does not properly escape user input when printing exceptions, enabling cross-site scripting via crafted CGI parameter values. Affected component: xapian-omega CGI interface; root cause...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
FreeBSD : xapian-omega -- XSS vulnerability (b46f3a1e-a052-11de-a649-000c2955660f)
Olly Betts reports : There's a cross-site scripting issue in Omega - exception messages don't currently get HTML entities escaped, but can contain CGI parameter values in some cases. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 1882-1] New xapian-omega packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1882-1 [email protected] http://www.debian.org/security/ Nico Golde September 9th, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1882-1] New xapian-omega packages fix cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA-1882-1 [email protected] http://www.debian.org/security/ Nico Golde September 9th, 2009 http://www.debian.org/security/faq -...
DSA-1882-1 xapian-omega - cross-site scripting
Bulletin has no description...
xapian-omega -- cross-site scripting vulnerability
Olly Betts reports: There's a cross-site scripting issue in Omega - exception messages don't currently get HTML entities escaped, but can contain CGI parameter values in some cases...