Advisory:
|
Wordpress Plugin WP-Members 2.8.9 – Multiple Cross-site Scripting vulnerabilities
|
Advisory ID:
|
SSCHADV2014-001
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on WP-Members Version 2.8.9
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The Wordpress plugin "WP-Members 2.8.9" is prone to reflected and stored XSS vulnerabilities
Continue reading "SSCHADV2014-001 - Wordpress Plugin WP-Members Version 2.8.9 - Stored and reflected Cross-site Scripting vulnerabilities"
Posted by on
Advisory: |
Cross-Site Scripting vulnerability in Icinga |
Advisory ID: |
SSCHADV2011-003 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on: icinga-1.3.0 / icinga-1.2.1 |
Vendor URL: |
http://www.icinga.org |
Vendor Status: |
statusmap.cgi: fixed XSS vulnerability #1281
Target version set to 1.4
|
OSVDB-ID: |
71052 |
======================
Vulnerability Description:
======================
This is a Cross-Site Scripting vulnerability
JavaScript can be included in style sheets by using "expression()" (IE only)
==============
Technical Details:
==============
Continue reading "SSCHADV2011-003 - Cross-Site Scripting vulnerability in Icinga"
Advisory: |
Cross-Site Scripting vulnerability in Nagios |
Advisory ID: |
SSCHADV2011-002 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on: nagios-3.2.0 / nagios-3.2.3 |
Vendor URL: |
http://www.nagios.org |
Vendor Status: |
fixed |
CVE-ID: |
2011-1523 |
OSVDB-ID: |
71059 |
======================
Vulnerability Description:
======================
This is a Cross-Site Scripting vulnerability
JavaScript can be included in style sheets by using "expression()" (IE only)
==============
Technical Details:
==============
Continue reading "SSCHADV2011-002 - Cross-Site Scripting vulnerability in Nagios"
Advisory:
|
Cross-Site Scripting vulnerabilities in Icinga |
Advisory ID:
|
SSCHADV2011-001 |
Author:
|
Stefan Schurtz |
Affected Software: |
Successfully tested on icinga-1.3.0 / icinga-1.2.1 |
Vendor URL: |
http://www.icinga.org |
Vendor Status: |
fixed csv export link to make it XSS save (IE) #1275
|
OSVDB-ID: |
71050 |
======================
Vulnerability Description:
======================
This is Cross-Site Scripting vulnerability
==============
Technical Details:
==============
Continue reading "SSCHADV2011-001 - Cross-Site Scripting vulnerabilities in Icinga"