<< Previous Next >>
Vulnerability Details
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/admin/edit_page.php" script to properly sanitize user-supplied input in "page" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/admin.php" script to properly sanitize user-supplied input in "p" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
vulnerability by Digital Vaccine protection filter ID 5356.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of HP Mercury LoadRunner. Authentication is not
required to exploit this vulnerability.
The specific flaw exists within the process magentproc.exe that binds to
REZERVI 3.0.2 Remote Command Execution Vulnerability
http://eidelweiss-advisories.blogspot.com/2010/05/rezervi-302-remote-command-execution.html
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable in directory "PATH/rezervi/include/mail.inc.php" with input "root" . Authentication is not
required to exploit this vulnerability.
# RFI Vulnerability! : [PATH/rezervi/include/mail.inc.php]
Vulnerability Type: XSS (Cross Site Scripting)
Status: Fixed by Vendor
Risk level: Medium
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/index.php" script to properly sanitize user-supplied input in URL. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/admin/helper/createNewCategory.php" script to properly sanitize user-supplied input in "catName" or "catDesc" variables. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
<form action="http://host/admin/helper/createNewCategory.php" method="post" name="main" >
1.30b10
1.31b01
Vulnerability Details
---------------------
Public References:
Not Assigned
vulnerability by Digital Vaccine protection filter ID 9332.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
software utilizing a vulnerable version of Apple's Webkit. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the blog items filter module script to properly sanitize user-supplied input in "article_form_filter[name][text]" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the [xxx] script to properly sanitize user-supplied input in [yyy] variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "index.php" script to properly sanitize user-supplied input in "show" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/admin/editMenu.php" script to properly sanitize user-supplied input in "langId" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
vulnerability by Digital Vaccine protection filter ID 9829.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This particular vulnerability allows remote attackers to execute
arbitrary code on vulnerable installations of Microsoft Excel. User
interaction is required in that a target must visit a malicious page or
open a malicious file.
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/newtodo.php" script to properly sanitize user-supplied input in "todo" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
: Vulnerability Type: SQL Injection
: Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
: Risk level: High
: Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
:
: Vulnerability Details:
: The vulnerability exists due to failure in the "/mail.php" script to properly sanitize user-supplied input in "id" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
:
: Attacker can use browser to exploit this vulnerability. The following PoC is available:
:
:
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "copy_folder.php" script to properly sanitize user-supplied input in "path" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
vulnerability by Digital Vaccine protection filter ID 9872.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Apple's Webkit. User interaction is required
to exploit this vulnerability in that the target must visit a malicious
page or open a malicious file.
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/content.asp" script to properly sanitize user-supplied input in "keywords" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/mail.php" script to properly sanitize user-supplied input in "id" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
vulnerability by Digital Vaccine protection filter ID 9283.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Hewlett-Packard OpenView Network Node
Manager. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ovwebsnmpsrv.exe process which can
Vulnerability Type: SQL Injection
Status: Fixed by Vendor
Risk level: High
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "index.asp" script to properly sanitize user-supplied input in "qt" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: SQL injection
Vendor Contact Date: 4/20/2010
Status: Vendor does not want to fix the vulnerability.
Vulnerability Details:
RSA Key Manager Client software uses an SQLite database to cache its encryption keys. The software fails to properly validate the metadata embedded inside of the RSA Key Manager encrypted data when it perform a key lookup when the encrypted data is being decrypted.An attacker can inject SQL commands into the metadata section of the RSA Key Manager encrypted data, which will be executed by the Key Manager Client software. For example, an attacker can inject SQL statements to modify existing encryption keys, remove existing encryption keys, add new encryption keys, etc.
The Key Manager client uses two types of cache: memory cache and file cache. As long as both or either of the caches are enabled the problem can be triggered easily.
RSA Key Manager Client 1.5.x uses the following format when it encrypts data:
Field 1 = KeyIdStringField 2 = NULL TerminatorField 3 = Encryption IVField 4 = Encrypted Data
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the page metas managing script to properly sanitize user-supplied input in "value" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "manager/index.php" script to properly sanitize user-supplied input in "a" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
Vulnerability Type: Stored XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the comment text saving script to properly sanitize user-supplied input in "cmnt_body" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. Just enter a comment text like:
vulnerability by Digital Vaccine protection filter ID 9858.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Apple Safari's Webkit. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page or open a malicious file.
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/admin/helper/deleteArticle.php" script to properly sanitize user-supplied input in "id" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
<form action="http://host/admin/helper/deleteArticle.php" method="post" name="main" >
vulnerability by Digital Vaccine protection filter ID 9283.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Hewlett-Packard OpenView Network Node
Manager. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ovutil.dll module which is loaded by
Firmware version: ver.3.05.03 (Europe)
ver.3.04.03
Vulnerability Details
---------------------
Class:
Remote Code Execution
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/login.php" script to properly sanitize user-supplied input in "txtusername" POST parameter. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
An attacker can use browser to exploit this vulnerability. The following PoC is available:
<<Previous Next>>
|
