ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.
fdab17029ae48b80689e4ddd515edc23100d07a8f55741743dc18b289e5b7a22Apache Struts 2, XWork, and WebWork suffer from a java class path information disclosure vulnerability.
c0a84cb525b74d5273cbf496e7540533059cf934a7f4b582b6c01dd9bfa689f7Apache Struts 2 framework before version 2.2.3 is vulnerable to reflected cross site scripting attacks when default XWork generated error messages are displayed.
56db3b61b0797b0f8126cafa87b59fc81640d7a0bf85b1073ed4eef9c6cfcb01Multiple persistent and reflected Cross-Site Scripting (XSS) vulnerabilities were identified in Security Console (Admin Console), Message Center Classic and Message Center II services of Google Message Security (powered by Postini).
4afe5677cdfd29e4d7c9ef2558e97c6295dbe0e16ea2077747b64533242df2dcGoogle Message Center II service (build 6_24) was found vulnerable to SQL Injection attacks. When exploited by an attacker, the identified vulnerability could lead to Information Disclosure (map database structure, extract data from available tables), Denial of Service (consume server resources by injecting SQL heavy queries), etc.
a6eb9323bb800a93361c28c9efaa6f2934ac433339b54e4b5dd0840d5e579fc6Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.
e89f3a47c9d247e4c7ef74ea39c92a4c23d3b46381a0211b7b0b6dd059c87d44Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.
4faf8158f2565688d604706ac1cf4006697d9a3c4dc9926cebbe5d8ab0579adeWeb-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.
7d77648766361a40b7d96f7ef892d0dab12d44b36490044262f591af031bf755Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to XSRF attacks. When exploited by an attacker, the identified vulnerabilities could lead to compromising the security of the appliance, including unauthorized alteration of appliance's settings, DoS attacks, etc.
e79b5a9fb4e89af714cf275dfcd4e03761b0ba0e0db20144b1e00d48f36b7d68The Barracuda Networks Message Archiver product is vulnerable to persistent and reflect cross site scripting attacks.
7d5ba643cb91e384c25bc6c8b9b798506aa2c146a0eb1e25cdc27fb3cdcc863eThe Barracuda Networks Spam Firewall is vulnerable to various remote SQL injection attacks.
4a06cf636ddf600a8fa7b1e3104ca846b7810df35ab3c3da2a438c7b755bd9e4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed