New User, Welcome!     Login

Next Page >>

Cross/site scripting

OpenCms (7.5.0) - Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error

Version: 7.5.0

Hardware: Tomcat/Oracle

Vulnerability: Cross-Site Scripting, Phishing Through Frames,
Application Error


Overview:

Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts

[5] http://secunia.com/advisories/34220/

APPENDIX: Advisories
====================================================

Advisory: “Cross-Site Scripting” in Avatar uploads in fluxBB

Application: fluxBB
Vulnerable Versions: 1.3-legacy and older 1.3 versions.
Reported By: Jacques Copeau

[CVE-2010-0432] Apache OFBiz Multiple XSS Vulnerabilities

Release mode: Coordinated release


2. *Vulnerability Information*

Class: Multiple Cross Site Scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: Yes
CVE Name: CVE-2010-0432

[DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS

[DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS 

SAP Crystal Report Server 2008 - multiple cross-site scripting vulnerabilities. 

SAP Crystal Report Server 2008 - Multiple cross-site scripting vulnerabilities. [DSecRG-11-011] (Internal DSECRG-00147) 


Multiple XSS vulnerabilities found in the module PerformanceManagement application SAP Crystal Report Server 2008. An attacker can intercept the cookie administrator or regular user of the system. 

Application: SAP Crystal Report Server 2008

[MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News

Release Type: Co-ordinated, responsible disclosure


2. Vulnerability Information
------------------------------------------------------------------------------------------------------------------------
Class: Cross Site Request Forgery, Cross Site Scripting, File Path 
Disclosure, Local File Inclusion, Authentication Bypass and PHP Command 
Injection
Remotely Exploitable: Yes
Locally Exploitable: No

CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server

Release mode: Coordinated release


2. *Vulnerability Information*

Class: Denial of service (DoS), Cross site scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 34150, 34152, 34153
CVE Name: N/A

Phorum < 5.2.10 Cross-Site Scripting/Request Forgery

#=cicatriz <c1c4tr1z@voodoo-labs.org>=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~(advisories)=#
                                     /)           /)     /)                   
                        _ _  _______(/ ________  // _   (/_ _       _____  _  
                        (/__(_)(_)(_(_(_)(_)    (/_(_(_/_) /_)_ o  (_)/ (_(_/_
                                                                         .-/  
#=Phorum < 5.2.10 Cross-Site Scripting/Request Forgery=#=~~~~~~~~~~~~~~~(_/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
#=Advisory & Vulnerability Information=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#

        Title: Phorum < 5.2.10 Cross-Site Scripting/Request Forgery
        Advisory ID: VUDO-2009-1504

CORE-2009-0109 - Multiple XSS in Sun Communications Express

Release mode: Coordinated release


2. *Vulnerability Information*

Class: Cross site scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 34154, 34155
CVE Name: CVE-2009-1729

SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3

over a million store owners around the world."

The following web vulnerabilities were found in CubeCart version 4.3.3;

1.SQL injection in “/cubecart_4/index.php”, parameter “searchStr”.
2.Cross-site Scripting vulnerability in
“/cubecart_4/modules/gateway/WorldPay/return.php”, parameter “amount”.
3.Cross-site Scripting vulnerability in
“/cubecart_4/modules/gateway/WorldPay/return.php”, parameter “cartId”.
4.Cross-site Scripting vulnerability in
“/cubecart_4/modules/gateway/WorldPay/return.php”, parameter “email”.

F*EX <= 20100208 Cross Site Scripting Vulnerabilities

------------------------------------------------------------------------
F*EX <= 20100208 Cross Site Scripting Vulnerabilities
------------------------------------------------------------------------


title.............: F*EX <= 20100208 Cross Site Scripting Vulnerabilities
author............: muuratsalo
contact...........: muuratsalo[at]gmail[dot]com
download..........: http://fex.rus.uni-stuttgart.de/fex.html
tested on.........: Debian 6.0.4 (squeeze) - package

WP Comment Remix 1.4.3 Multiple Vulnerabilities

Version: 1.4.3
From: Remote
Severity: Extremely Critical
Impact:
    Manipulation of data
    Cross-Site Scripting
Type of Advisory: Full Disclosure

_________________
Software Description |
===============

YEKTA WEB Academic Web Tools CMS Multiple XSS

Vulnerabilities:
------------------

        1- Cross Site Scripting (XSS) in "/page.php" in "sid","logincase" and "redirect" parameters.
        http://yoursite/page.php?sid=[XSS]
        http://yoursite/page.php?logincase=[XSS]
        http://yoursite/page.php?redirect=[XSS]
        
        2- Cross Site Scripting (XSS) in "/page_arch.php" in "sid","logincase" and "redirect" parameters.

Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities

                2.1.1. Exploit:
                                                Check the exploit/POC section.
        2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
                2.2.1. Exploit:
                                                Check the exploit/POC section.
        2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
                2.3.1. Exploit:
                                                Check the exploit/POC section.
        2.4. Cross Site Scripting (XSS). Reflected XSS attack in "/hta/htmlarea.js.php" in "glb_sid" parameters.
                2.3.1. Exploit:
                                                Check the exploit/POC section.

Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities

                2.1.1. Exploit:
                                                Check the exploit/POC section.
        2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
                2.2.1. Exploit:
                                                Check the exploit/POC section.
        2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
                2.3.1. Exploit:
                                                Check the exploit/POC section.
        2.4. Cross Site Scripting (XSS). Reflected XSS attack in "/hta/htmlarea.js.php" in "glb_sid" parameters.
                2.3.1. Exploit:
                                                Check the exploit/POC section.

QuickerSite Multiple Vulnerabilities

                2.3.1. Exploit:
                                Check the exploit section.
        2.4. Failure to Restrict URL Access [in "mailPage.asp"]. Everyone can mailbomb others.
                2.4.1. Exploit:
                                Check the exploit section.
        2.5. Cross Site Scripting (XSS) [in "showThumb.aspx"]. Reflected XSS attack by circumventing the ASP.Net XSS denier (Path disclosure on the open error mode).
                2.5.1. Exploit:
                                Check the exploit section.
        2.6. Cross Site Scripting (XSS), Failure to Restrict URL Access [in "process_send.asp"]. Redirect Reflected XSS Attack In "SB_redirect" parameter. Reflected XSS, Content Spoofing In "SB_feedback" parameter. Everyone can mailbomb others.
                2.6.1. Exploit:
                                Check the exploit section.

TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core

Dear users of TYPO3,

It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library fe_adminlib.inc allows Cross Site Scripting (XSS).

=== Component Type ===
TYPO3 Core

=== Affected Versions ===
TYPO3 versions 3.x, 4.0 to 4.0.7, 4.1 to 4.1.6, 4.2

Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities

                2.1.1. Exploit:
                                                Check the exploit/POC section.
        2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
                2.2.1. Exploit:
                                                Check the exploit/POC section.
        2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
                2.3.1. Exploit:
                                                Check the exploit/POC section.
        2.4. Cross Site Scripting (XSS). Reflected XSS attack in "/hta/htmlarea.js.php" in "glb_sid" parameters.
                2.3.1. Exploit:
                                                Check the exploit/POC section.

Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* There is a way to inject both headers and content to users, causing
  a serious Cross-Site Scripting vulnerability.

* It was possible to see graphs from Old Charts even if you did not
  have access to a particular product, and you could browse a
  particular URL to see all product names.

Cross-Site Scripting vulnerability in Mozilla Firefox, Opera and other browsers

Hello Bugtraq!

I want to warn you about Cross-Site Scripting vulnerability in Mozilla
Firefox, Opera and other browsers. It allows to bypass protection from
executing of JavaScript code in location-header redirectors (by redirecting
to javascript: URI).

Recently, 04.08.2010, I wrote about vulnerability in Mozilla and Mozilla
Firefox at my site. I made full disclosure because Mozilla completely
ignored similar vulnerability, which I informed them in August 2009, like

Vtiger CRM 5.2.0 Multiple Vulnerabilities

Summary:

 A) Remote Code Execution (RCE) Vulnerability
 B) Local File Inclusion (LFI) Vulnerability (pre-auth)
 C) Cross Site Scripting (XSS) Vulnerabilities (pre-auth, reflected)
 D) Cross Site Scripting (XSS) Vulnerabilities (post-auth, reflected)

A) Remote Code Execution (RCE) Vulnerability

A Remote Code Execution vulnerability exists in Vtiger CRM version 5.2.0.

Cross-Site Scripting (XSS) in Pivotx

Vulnerable Version(s): 2.3.2 and probably prior
Tested Version: 2.3.2
Vendor Notification: 18 April 2012 
Vendor Patch: 18 April 2012 
Public Disclosure: 9 May 2012 
Vulnerability Type: Cross-Site Scripting (XSS)
CVE Reference: CVE-2012-2274
Solution Status: Fixed by Vendor
Risk Level: Medium 
Credit: High-Tech Bridge SA Security Research Lab ( https://www.htbridge.com/advisory/ )

net2ftp <= 0.97 Cross-Site Scripting/Request Forgery

#=cicatriz <c1c4tr1z@voodoo-labs.org>=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~(advisories)=#
                                     /)           /)     /)                   
                        _ _  _______(/ ________  // _   (/_ _       _____  _  
                        (/__(_)(_)(_(_(_)(_)    (/_(_(_/_) /_)_ o  (_)/ (_(_/_
                                                                         .-/  
#=net2ftp <= 0.97 Cross-Site Scripting/Request Forgery=#=~~~~~~~~~~~~~~~(_/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#
#=Advisory & Vulnerability Information=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=#

        Title: net2ftp <= 0.97 Cross-Site Scripting/Request Forgery
        Advisory ID: VUDO-2009-0804

Syhunt: HFS (HTTP File Server) Template Cross-Site Scripting and Information Disclosure Vulnerabilities

Syhunt: HFS (HTTP File Server) Template Cross-Site Scripting and
Information Disclosure Vulnerabilities

Advisory-ID: 200801161
Discovery Date: 1.16.2008
Release Date: 1.23.2008
Affected Applications: HFS 2.0 to and including 2.3(Beta Build
#174)
Non-Affected Applications: HFS 1.6a and earlier versions
Class: Cross-Site Scripting (XSS), Information Disclosure

SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming

SEC Consult Security Advisory < 20090415-0 >
==========================================================================
              title: Novell Teaming Multiple Vulnerabilities
                     * Username Enumeration
                     * Multiple Cross Site Scripting
                     * Includes vulnerable Liferay portal
            program: Novell Teaming
 vulnerable version: 1.0.3
           homepage: http://www.novell.com/products/teaming/
              found: February 2009

Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)

Class:          Cross-Site Scripting (XSS) Vulnerability
CVE:    CVE-2010-0475
Remote: Yes 
Local:  Yes 
Published: May 11, 2010 08:30AM
Timeline:Submission to MITRE: 1/18/2010
Vendor Contact: 2/18/2010
Vendor Response:  2/18/2010
Patch Available:  5/2010  Patched in maintenance releases (3.1.1 & 3.0.9)
Credit: Jeromie Jackson CISSP, CISM

[AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)

It is possible to pass SQL statements to the backend database through
a SQL injection vulnerability. Depending on the particular
runtime environment and database permissions it is even possible to
write files to disk and execute code on operating system level.

3) Multiple Cross-Site Scripting
Permits arbitrary insertion of HTML- and JavaScript code in login.jsp.
An attacker could also manipulate a parameter to specify
a destination to which a user will be forwarded to after successful
authentication.

phpMyAdmin 3.3.5 / 2.11.10 <= Cross Site Scripting (XSS) Vulnerability

==============================================================================
 phpMyAdmin 3.3.5 / 2.11.10 <= Cross Site Scripting (XSS) Vulnerability
==============================================================================


1. OVERVIEW

The phpMyAdmin web application was vulnerable to Cross Site Scripting
vulnerability.

CORE-2011-0103 - ZOHO ManageEngine ADSelfService multiple vulnerabilities

2. *Vulnerability Information*

Class: Protection Mechanism Failure [CWE-693], Authentication Issues
[CWE-287], Cross-Site Scripting (XSS) [CWE-79]
Impact: Code execution, Security bypass
Remotely Exploitable: Yes
Locally Exploitable: No
CVE Name: CVE-2010-3272, CVE-2010-3273, CVE-2010-3274

FormMail 1.92 Multiple Vulnerabilities

III. ANALYSIS

Summary:

 A) Prelude to the vulnerabities
 B) Cross Site Scripting
 C) HTTP Response Header Injection
 D) HTTP Response Splitting

A) Prelude to the vulnerabities

(resend) RE: [WEB SECURITY] Trustwave's SpiderLabs Security Advisory TWSL2010-001

functionality.

The ASP.Net view state is typically stored in a hidden field
named "__VIEWSTATE". When a page's view state is not
cryptographically signed, many standard .Net controls are
vulnerable to Cross-Site Scripting (XSS) through the view
state.

It is well documented that using an unsigned view state is
"bad", but most previous advisories focus on vaguely
described threats or vulnerabilities introduced by custom
Next Page>>

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!