Online Market Place Site version 1.0 suffers from a persistent cross site scripting vulnerability.
6dbdfadfd046c1d428d90778b682265b97787399b579cf8c236ae782a910255b
The es.blackberry.com site suffers from a cross site scripting vulnerability.
221bcdde7a9af3450c8375649ac85ea641b58b47d4e8079b517c843819e10ec6
Secunia Security Advisory - HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
64a709b58b6ee61639d0b91751fa1370fb95af75e8e2c731bae64a2534aa2be5
Secunia Security Advisory - A security issue and two vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
1332e189e300896ea0baa75068815455d40efa840a3b321cdafb6a9560538739
Secunia Security Advisory - A security issue and multiple vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
aff8264428b3986a367441d9fd2f8ce83c2febe254e06c37569cbebe867042aa
Secunia Security Advisory - Debian has issued an update for python-django. This fixes two security issues and a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
fb3927d6bec81d24005c29a06dbc212f764f4d161f9c53d4a1dd8b08da17db26
HP Security Bulletin HPSBMU02803 SSRT100926 - A potential security vulnerability has been identified with HP Service Manager and HP Service Center Web Tier. The vulnerability could be remotely exploited resulting in cross site scripting (XSS). Revision 1 of this advisory.
5f967abf36b11a1450d1bdc34b2e2587d19f67465191db23eaa1aed4ed25dbfe
Red Hat Security Advisory 2012-1169-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP address and its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.
7d5b013b987ff091dd7a23fc5f576eb318a9b088700f78e918b6ba97b41e66c5
Red Hat Security Advisory 2012-1168-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP address and its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.
d2ced5174e3b3e5aa23d5bb70fe45a1a71a1a33cadc9611bc0fa7bc2e78e8c66
Secunia Security Advisory - Brendan Coles has discovered two security issues and a vulnerability in TestLink, which can be exploited by malicious people to conduct cross-site forgery attacks and disclose certain sensitive and system information.
b75356024a543a0d9fde7722cd0bfef56d5c9bb5cdff27c1f45155eefb22e5ad
Secunia Security Advisory - Two vulnerabilities have been reported in HP Service Manager and Service Center, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
ad6ffec457e6c1524a99a422c41160f6b60dfcc1852d2d3b8ed4c9b76d2eff58
Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps prevent the /dev/random device from being depleted; an empty /dev/random device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
e505291a3ada9f1ba3928113fa70f9f79bfc771b2fe8e20560d612d5c64beb5b
TCExam version 11.3.007 suffers from a cross site scripting vulnerability.
c2df81fe1434df8351dd6026e93abcd6a2dd042f7a15ef09a4566b27505d3ded
Total Shop UK eCommerce, which is based on CodeIgniter version 2.1.2, suffers from a cross site scripting vulnerability.
5152d11e96f30211a557516deffd45d1b790edd8b739f21a1dd10b248c3997c9
ProQuiz version 2.0.2 suffers from cross site scripting, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.
cd96527f58d918d01dbe7ff75611b1729daf91b7449eeb441565cef7115b0a2a
Red Hat Security Advisory 2012-1165-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.
60f263a40e9847b3704eea8775ecc38544cbf434846d76a7dc6b54f11d8bced7
Shopping Tree, Inc. software suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
710c6c5f6d8a0112ff32d4cd35417f5a21917d22421ec5fcd825351690c94a00
Hotel Booking Portal version 0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
256b6d0f295a339e04943601e44942aae79e9b08c4b1430be39582ee5d729968
Viscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.
bbed2f8bef6e98f9f906db21866f9556901fd2af1233ad2af5fa7f69e3f8af21
Playboy.com suffers from a cross site scripting vulnerability.
d3c90c643472122d05f903587daaf7a21fbecbd2556a199dc7102ffaac3713b6
The heasarc.gsfc.nasa.gov site suffered from a cross site scripting vulnerability.
58f35f396ed253b516d3f9af4c85beaa88e1b34ee3b6b86a72f532bebc716a74
Mcdonalds.com suffers from a cross site scripting vulnerability.
9645dd64740cc659afa8e577fdac2bf3473b1a0624a9e0ff8055e95dc9d564c4
The profile.callofduty.com site suffers from a cross site scripting vulnerability.
51263e977736c214f93598fe8b0a3642fb0f7d1eef0ba388f7b6cd5f02a5503b
Blogspot suffers from a cross site scripting vulnerability.
3087ca1250acb62189df6b2bd039fb5fa6c93eb981f58ed40720f9da803aa3e3
IBM WebSphere MQ File Transfer Edition Web Gateway suffers from a cross site request forgery vulnerability.
06b2bda21b62241e495908f7f89cca912345a066fc02b98fb7be62e23b3b7da5
Secunia Security Advisory - Some vulnerabilities have been reported in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting attacks.
73a4623371bb5930237c1d264471f5292083a3abea74ab2f2555ea019bec6114