cross site scripting explained

Release date:Updated on: Affected Systems:Cisco IronPort Encryption Appliance 6.xUnaffected system:Cisco IronPort Encryption Appliance 6.5.3Description:--------------------------------------------------------------------------------Bugtraq id: 52030Cve id: CVE-2012-0340 IronPort is a widely used email encryption gateway that can seamlessly encrypt, decrypt, and sign confidential emails. The IronPort encryption device has a cross-

Release date: 2012-03-16Updated on: 2012-03-19 Affected Systems:VMWare VMware View 4.6VMWare VMware View 4.0Unaffected system:VMWare VMware View 4.6.1Description:--------------------------------------------------------------------------------Bugtraq id: 52526CVE (CAN) ID: CVE-2012-1511 VMware View is an industry-leading desktop virtualization solution. VMware View has multiple security vulnerabilities, which can be exploited by malicious local users to escalate permissions or execute

Adobe Flash Player and AIR cross-site scripting (CVE-2014-0532) Release date:Updated on: Affected Systems:Adobe Flash Player 13.xAdobe AIR 13.xDescription:--------------------------------------------------------------------------------Bugtraq id: 67973CVE (CAN) ID: CVE-2014-0532Adobe Flash Player is an integrated multimedia Player. Adobe AIR is a technology devel

Jojo CMS 'search' Parameter Cross-Site Scripting Vulnerability Release date:Updated on: Affected Systems:Jojo CMS Description:--------------------------------------------------------------------------------Bugtraq id: 59933CVE (CAN) ID: CVE-2013-3082Jojo CMS is SEO-friendly, scalable, and PHP-based CMS.In versions earlier than Jojo CMS 1.2.2, plugins/jojo_core/

Release date: 2011-08-02Updated on: 2011-08-02 Affected Systems:Google Search Appliance 4.0Unaffected system:Google Search Appliance 5.0Description:--------------------------------------------------------------------------------Bugtraq id: 48957Cve id: CVE-2011-1339 Google Search Appliance is an all-in-one Search and indexing solution for small organizations and large organizations. Google Search Appliance has a cross-

Release date:Updated on: Affected Systems:NetWin SurgeFTP 23b6Description:--------------------------------------------------------------------------------Bugtraq id: 49160 SurgeFTP is an FTP service program that provides management interface programs. Multiple cross-site scripting vulnerabilities exist in the implementation of SurgeFTP Web interfaces. Remote atta

Release date: 2010-09-17Updated on: 2010-09-20 Affected Systems:Nagios XI 2009 R1.3BUnaffected system:Nagios XI 2009 R1.3CDescription:--------------------------------------------------------------------------------Nagios is a free open-source host and service monitoring software that can be used in a variety of Linux and Unix operating systems. The supported des/utils of Nagios. inc. the grab_request_var () function in the PHP file does not properly filter the information that the user submits

Cross-site scripting vulnerability in the 'node _ id' parameter of multiple Dell SonicWALL Products Release date:Updated on: Affected Systems:SonicWALL GMS/Analyzer/UMADescription:--------------------------------------------------------------------------------Bugtraq id: 68829CVE (CAN) ID: CVE-2014-5024SonicWALL provides Internet Security Solutions for small and

Release date:Updated on: Affected Systems:SAP NetWeaver 7.0-7.02Description:--------------------------------------------------------------------------------Bugtraq id: 44904 SAP NetWeaver is an integrated enterprise IT system management system. SAP NetWeaver's Open SQL Monitors (installed on port 50100 by default) has multiple cross-site scripting vulnerabilities

Release date:Updated on: Affected Systems:SpagoBI 4.0Description:--------------------------------------------------------------------------------Bugtraq id: 65911CVE (CAN) ID: CVE-2013-6232 SpagoBI is an open-source business intelligence software package. SpagoBI 4.0 and other versions are returned to users without verifying certain input. in implementation, there are persistent cross-site

Release date:Updated on: Affected Systems:ManageEngine OpStorDescription:--------------------------------------------------------------------------------Bugtraq id: 66499CVE (CAN) ID: CVE-2014-0344ManageEngine OpStor is a monitoring solution for Heterogeneous Storage architectures.Previous versions of ManageEngine Build 8500 have cross-site scripting and Privile

Release date:Updated on: Affected Systems:Htbridge AContent 1.xDescription:--------------------------------------------------------------------------------Cve id: CVE-2012-5167, CVE-2012-5169 AContent is an e-learning content creation tool and library that supports the import, export, and production of IMS content packages. Multiple vulnerabilities in AContent 1.2 and earlier versions can be exploited by malicious users to execute cross-

Release date:Updated on: Affected Systems:LongTail VideoDescription:--------------------------------------------------------------------------------LongTail Video is a leading company in the online Video market in New York. Its flagship product is JW Video player. The coding of the JWPlayerFLASH video player has security issues. Remote attackers can exploit this vulnerability to execute cross-site

Release date: 2012-08-02Updated on: Affected Systems:Opera Software Opera Web Browser 12.xOpera Software Opera Web Browser 11.xDescription:--------------------------------------------------------------------------------Bugtraq id: 54788 Opera is a browser from Norway. The security restriction bypass vulnerability exists in Opera Web Browser 12.01 and earlier versions. Attackers can exploit this vulnerability to bypass cross-

Release date:Updated on: Affected Systems:Wap2 SmallPICT 2.xDescription:--------------------------------------------------------------------------------SmallPICT is a bulletin board software. The implementation of SmallPICT 2.6 has a cross-site scripting vulnerability, which can be exploited to execute arbitrary HTML and script code in users' browser sessions.