Next Page >>
Cross/Site Scripting
Version: 7.5.0
Hardware: Tomcat/Oracle
Vulnerability: Cross-Site Scripting, Phishing Through Frames,
Application Error
Overview:
[5] http://secunia.com/advisories/34220/
APPENDIX: Advisories
====================================================
Advisory: “Cross-Site Scripting” in Avatar uploads in fluxBB
Application: fluxBB
Vulnerable Versions: 1.3-legacy and older 1.3 versions.
Reported By: Jacques Copeau
Product: Open-Xchange Server 6
Vendor: Open-Xchange GmbH
Internal reference: 24553, 24765
Vulnerability Type: Cross Site Scripting
Vulnerable Versions: 6.22.1-rev13 and earlier
Fixed Version: 6.20.7-rev14, 6.22.0-rev13, 6.22.1-rev14
Solution Status: Fixed by Vendor
Vendor Notification: 2013-01-21
Solution date: 2013-02-28
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Multiple Cross Site Scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: Yes
CVE Name: CVE-2010-0432
[DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS
SAP Crystal Report Server 2008 - multiple cross-site scripting vulnerabilities.
SAP Crystal Report Server 2008 - Multiple cross-site scripting vulnerabilities. [DSecRG-11-011] (Internal DSECRG-00147)
Multiple XSS vulnerabilities found in the module PerformanceManagement application SAP Crystal Report Server 2008. An attacker can intercept the cookie administrator or regular user of the system.
Application: SAP Crystal Report Server 2008
Release Type: Co-ordinated, responsible disclosure
2. Vulnerability Information
------------------------------------------------------------------------------------------------------------------------
Class: Cross Site Request Forgery, Cross Site Scripting, File Path
Disclosure, Local File Inclusion, Authentication Bypass and PHP Command
Injection
Remotely Exploitable: Yes
Locally Exploitable: No
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Denial of service (DoS), Cross site scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 34150, 34152, 34153
CVE Name: N/A
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Cross site scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 34154, 34155
CVE Name: CVE-2009-1729
#=cicatriz <c1c4tr1z@voodoo-labs.org>=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~(advisories)=#
/) /) /)
_ _ _______(/ ________ // _ (/_ _ _____ _
(/__(_)(_)(_(_(_)(_) (/_(_(_/_) /_)_ o (_)/ (_(_/_
.-/
#=Phorum < 5.2.10 Cross-Site Scripting/Request Forgery=#=~~~~~~~~~~~~~~~(_/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
#=Advisory & Vulnerability Information=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
Title: Phorum < 5.2.10 Cross-Site Scripting/Request Forgery
Advisory ID: VUDO-2009-1504
over a million store owners around the world."
The following web vulnerabilities were found in CubeCart version 4.3.3;
1.SQL injection in “/cubecart_4/index.php”, parameter “searchStr”.
2.Cross-site Scripting vulnerability in
“/cubecart_4/modules/gateway/WorldPay/return.php”, parameter “amount”.
3.Cross-site Scripting vulnerability in
“/cubecart_4/modules/gateway/WorldPay/return.php”, parameter “cartId”.
4.Cross-site Scripting vulnerability in
“/cubecart_4/modules/gateway/WorldPay/return.php”, parameter “email”.
------------------------------------------------------------------------
F*EX <= 20100208 Cross Site Scripting Vulnerabilities
------------------------------------------------------------------------
title.............: F*EX <= 20100208 Cross Site Scripting Vulnerabilities
author............: muuratsalo
contact...........: muuratsalo[at]gmail[dot]com
download..........: http://fex.rus.uni-stuttgart.de/fex.html
tested on.........: Debian 6.0.4 (squeeze) - package
3. Brief Vulnerability Description
============================
During the security analysis, ThunderScan ASP.Net C# discovered multiple
SQL Injection, Cross Site Scripting and other vulnerabilities in
BugTracker.Net. Some of vulnerabilities are:
3.1 Cross Site Scripting through msg.InnerHtml()
File: default.aspx
Line: 88
Version: 1.4.3
From: Remote
Severity: Extremely Critical
Impact:
Manipulation of data
Cross-Site Scripting
Type of Advisory: Full Disclosure
_________________
Software Description |
===============
Vulnerabilities:
------------------
1- Cross Site Scripting (XSS) in "/page.php" in "sid","logincase" and "redirect" parameters.
http://yoursite/page.php?sid=[XSS]
http://yoursite/page.php?logincase=[XSS]
http://yoursite/page.php?redirect=[XSS]
2- Cross Site Scripting (XSS) in "/page_arch.php" in "sid","logincase" and "redirect" parameters.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
2.3.1. Exploit:
Check the exploit/POC section.
2.4. Cross Site Scripting (XSS). Reflected XSS attack in "/hta/htmlarea.js.php" in "glb_sid" parameters.
2.3.1. Exploit:
Check the exploit/POC section.
2.3.1. Exploit:
Check the exploit section.
2.4. Failure to Restrict URL Access [in "mailPage.asp"]. Everyone can mailbomb others.
2.4.1. Exploit:
Check the exploit section.
2.5. Cross Site Scripting (XSS) [in "showThumb.aspx"]. Reflected XSS attack by circumventing the ASP.Net XSS denier (Path disclosure on the open error mode).
2.5.1. Exploit:
Check the exploit section.
2.6. Cross Site Scripting (XSS), Failure to Restrict URL Access [in "process_send.asp"]. Redirect Reflected XSS Attack In "SB_redirect" parameter. Reflected XSS, Content Spoofing In "SB_feedback" parameter. Everyone can mailbomb others.
2.6.1. Exploit:
Check the exploit section.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
2.3.1. Exploit:
Check the exploit/POC section.
2.4. Cross Site Scripting (XSS). Reflected XSS attack in "/hta/htmlarea.js.php" in "glb_sid" parameters.
2.3.1. Exploit:
Check the exploit/POC section.
Dear users of TYPO3,
It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library fe_adminlib.inc allows Cross Site Scripting (XSS).
=== Component Type ===
TYPO3 Core
=== Affected Versions ===
TYPO3 versions 3.x, 4.0 to 4.0.7, 4.1 to 4.1.6, 4.2
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
2.3.1. Exploit:
Check the exploit/POC section.
2.4. Cross Site Scripting (XSS). Reflected XSS attack in "/hta/htmlarea.js.php" in "glb_sid" parameters.
2.3.1. Exploit:
Check the exploit/POC section.
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
* There is a way to inject both headers and content to users, causing
a serious Cross-Site Scripting vulnerability.
* It was possible to see graphs from Old Charts even if you did not
have access to a particular product, and you could browse a
particular URL to see all product names.
Hello Bugtraq!
I want to warn you about Cross-Site Scripting vulnerability in Mozilla
Firefox, Opera and other browsers. It allows to bypass protection from
executing of JavaScript code in location-header redirectors (by redirecting
to javascript: URI).
Recently, 04.08.2010, I wrote about vulnerability in Mozilla and Mozilla
Firefox at my site. I made full disclosure because Mozilla completely
ignored similar vulnerability, which I informed them in August 2009, like
Summary:
A) Remote Code Execution (RCE) Vulnerability
B) Local File Inclusion (LFI) Vulnerability (pre-auth)
C) Cross Site Scripting (XSS) Vulnerabilities (pre-auth, reflected)
D) Cross Site Scripting (XSS) Vulnerabilities (post-auth, reflected)
A) Remote Code Execution (RCE) Vulnerability
A Remote Code Execution vulnerability exists in Vtiger CRM version 5.2.0.
Vulnerable Version(s): 2.3.2 and probably prior
Tested Version: 2.3.2
Vendor Notification: 18 April 2012
Vendor Patch: 18 April 2012
Public Disclosure: 9 May 2012
Vulnerability Type: Cross-Site Scripting (XSS)
CVE Reference: CVE-2012-2274
Solution Status: Fixed by Vendor
Risk Level: Medium
Credit: High-Tech Bridge SA Security Research Lab ( https://www.htbridge.com/advisory/ )
Vulnerable Version(s): 4.4 and probably prior
Tested Version: 4.4
Vendor Notification: 4 July 2012
Vendor Patch: 23 July 2012
Public Disclosure: 25 July 2012
Vulnerability Type: Cross-Site Scripting (XSS)
CVE Reference: CVE-2012-3869
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Risk Level: Medium
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )
Vendor: phpList Ltd
Vulnerable Version(s): 2.10.18 and probably prior
Tested Version: 2.10.18
Vendor Notification: July 11, 2012
Public Disclosure: August 8, 2012
Vulnerability Type: Cross-Site Scripting [CWE-79], SQL Injection [CWE-89]
CVE References: CVE-2012-3952, CVE-2012-3953
CVSSv2 Base Scores: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N), 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Solution Status: Fixed by Vendor
Risk Level: Medium
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )
Information
--------------------
Name : XSS and Blind SQL Injection Vulnerabilities in Banana Dance CMS
Software : Banana Dance CMS vB.2.1
Vendor Homepage : http://www.doyoubananadance.com
Vulnerability Type : Cross-Site Scripting and SQL Injection
Severity : Critical
Researcher : Canberk Bolat
Advisory Reference : NS-11-010
Description
Information
--------------------
Name : XSS and SQL Injection Vulnerabilities in OrderSys
Software : OrderSys 1.6.4 and possibly below.
Vendor Homepage : http://www.bioinformatics.org/phplabware/labwiki/index.php
Vulnerability Type : Cross-Site Scripting and SQL Injection
Severity : Critical
Researcher : Canberk Bolat
Advisory Reference : NS-12-007
Description
Information
--------------------
Name : XSS Vulnerabilities in LabWiki
Software : LabWiki 1.5 and possibly below.
Vendor Homepage : http://www.bioinformatics.org/phplabware/labwiki/index.php
Vulnerability Type : Cross-Site Scripting
Severity : Critical
Researcher : Canberk Bolat
Advisory Reference : NS-12-008
Description
Information
--------------------
Name : XSS and SQL Injection Vulnerabilities in Jara
Software : Jara 1.6 and possibly below.
Vendor Homepage : http://sourceforge.net/projects/jara/
Vulnerability Type : Cross-Site Scripting and SQL Injection
Severity : Critical
Researcher : Canberk Bolat
Advisory Reference : NS-12-009
Description
> Information
> --------------------
> Name : XSS Vulnerabilities in LabWiki
> Software : LabWiki 1.5 and possibly below.
> Vendor Homepage : http://www.bioinformatics.org/phplabware/labwiki/index.php
> Vulnerability Type : Cross-Site Scripting
> Severity : Critical
> Researcher : Canberk Bolat
> Advisory Reference : NS-12-008
>
> Description
Next Page>>
|
