Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61504
HistoryFeb 20, 2014 - 12:00 a.m.

Dell KACE K1000 Systems Management Appliance 'LABEL_ID'参数跨站脚本漏洞

2014-02-2000:00:00
Root
www.seebug.org
8

0.002 Low

EPSS

Percentile

61.1%

JSON

BUGTRAQ ID: 65333
CVE(CAN) ID: CVE-2014-0330

Dell KACE K1000是系统管理解决方案。

Dell KACE K1000系统管理设备5.5.90545版本及其他版本的adminui/user_list.php存在跨站脚本漏洞,远程攻击者可通过LABEL_ID参数,利用此漏洞注入任意Web脚本或HTML。
0
Dell Kace 1000 Systems Management Appliance 5.5.90545
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

http://www.dell.com/support/drivers/us/en/


                                                http://www.example.com/adminui/user_list.php?SEARCH_SELECTION=&LABEL_ID=[XSS]

Related

cert 1
prion 1
cvelist 1
nvd 1
cve 1
openvas 1
cert
cert
Dell KACE K1000 management appliance contains a cross-site scripting vulnerability
2014-02-04 00:00:00
prion
prion
Cross site scripting
2014-02-06 23:55:00
cvelist
cvelist
CVE-2014-0330
2014-02-06 23:00:00
nvd
nvd
CVE-2014-0330
2014-02-06 23:55:03
cve
cve
CVE-2014-0330
2014-02-06 23:55:03
openvas
openvas
Quest / Dell KACE K1000 Systems Management Appliance (SMA) <= 5.5.90545 XSS Vulnerability (SOL120154)
2014-02-14 00:00:00

0.002 Low

EPSS

Percentile

61.1%

JSON
Related for SSV:61504
cert1prion1cvelist1nvd1cve1openvas1