Netzwerk Sicherheits Prüfungen / Anfälligkeitsfeststellung von SecuritySpace

Kategorie: CGI abuses : XSS

ID # Risk

1.3.6.1.4.1.25623.1.0.60165 Mittel Wordpress Cross-Site Scripting in wp-admin/edit.php

1.3.6.1.4.1.25623.1.0.60164 Mittel Wordpress Multiple Cross-Site Scripting Vulnerabilities(2)

1.3.6.1.4.1.25623.1.0.60121 Hoch eggBlog <= 3.1.0 Multiple XSS vulnerabilities

1.3.6.1.4.1.25623.1.0.57990 Mittel MyCalendar Multiple Cross-Site Scripting Vulnerabilities

1.3.6.1.4.1.25623.1.0.56995 Mittel CMSimple Index.PHP Search Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.56977 Mittel Hosting Controller Error page XSS

1.3.6.1.4.1.25623.1.0.56969 Mittel DokuWiki Mediamanager Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.56903 Mittel ArGoSoft Mail Server Pro Webmail Cross Site Scripting

1.3.6.1.4.1.25623.1.0.56894 Mittel vBulletin Image Upload HTML Injection Vulnerability

1.3.6.1.4.1.25623.1.0.56893 Mittel VBulletin Event Title HTML Injection Vulnerability

1.3.6.1.4.1.25623.1.0.56892 Mittel VBulletin Profile.PHP Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.56884 Mittel vBulletin Showthread.PHP Input Validation

1.3.6.1.4.1.25623.1.0.56883 Mittel VBulletin Profile.PHP Email Field HTML Injection

1.3.6.1.4.1.25623.1.0.56882 Mittel vBulletin Vbugs.PHP Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.56880 Mittel RunCMS < 1.3b Bigshow.PHP Cross Site Scripting

1.3.6.1.4.1.25623.1.0.56879 Mittel RunCMS < 1.3b ratefile.php Cross Site Scripting

1.3.6.1.4.1.25623.1.0.56872 Mittel UBB.threads <= 6.5.3 Cross Site Scripting

1.3.6.1.4.1.25623.1.0.56844 Mittel PHPsysInfo File Disclosure Vulnerabilities

1.3.6.1.4.1.25623.1.0.56843 Mittel PHPsysInfo Multiple Vulnerabilities

1.3.6.1.4.1.25623.1.0.56757 Mittel E107 Website Cross Site Scripting Vulnerability

1.3.6.1.4.1.25623.1.0.56753 Mittel CubeCart Arbitrary File Upload Vulnerability

1.3.6.1.4.1.25623.1.0.56752 Mittel CubeCart Multiple XSS vulnerabilities(3)

1.3.6.1.4.1.25623.1.0.56751 Mittel CubeCart Multiple XSS vulnerabilities(2)

1.3.6.1.4.1.25623.1.0.56749 Hoch CuteNews Multiple Cross-Site Scripting Vulnerabilities(2)

1.3.6.1.4.1.25623.1.0.55471 Hoch S9Y Serendipity Account Hijack Vulnerability

1.3.6.1.4.1.25623.1.0.55368 Hoch CuteNews Multiple Cross-site Scripting Vulnerabilities

1.3.6.1.4.1.25623.1.0.55367 Mittel CuteNews show_archives.php Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.55364 Mittel CuteNews index.php Cross-Site Scripting Vulnerability

1.3.6.1.4.1.25623.1.0.55337 Mittel phpBB2 Plus 1.52 Multiple vulnerabilities

1.3.6.1.4.1.25623.1.0.55301 Mittel Drupal Cross-Site Scripting Vulnerability

1.3.6.1.4.1.25623.1.0.55296 Mittel phpBB <= 2.0.16 Nested BBCode cross site scripting

1.3.6.1.4.1.25623.1.0.55264 Mittel phpMyAdmin < 2.6.4-rc1 Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52756 Mittel YaBB Remote UsersRecentPosts Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52746 Mittel Wordpress Multiple Cross-Site Scripting Vulnerabilities

1.3.6.1.4.1.25623.1.0.52742 Hoch Wordpress Multiple Cross-Site Scripting Vulnerabilities

1.3.6.1.4.1.25623.1.0.52735 Mittel S9Y Serendipity Exit.PHP HTTP Response Splitting

1.3.6.1.4.1.25623.1.0.52727 Mittel S9Y Serendipity Cross Site Scripting

1.3.6.1.4.1.25623.1.0.52117 Mittel Koobi CMS Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52102 Mittel Kayako ESupport Index.PHP Multiple XSS

1.3.6.1.4.1.25623.1.0.52079 Mittel Coppermine Photo Gallery X-Forwarded-For HTML Injection

1.3.6.1.4.1.25623.1.0.52071 Hoch Invision Power Board Insecure Permissions

1.3.6.1.4.1.25623.1.0.52067 Hoch Invision Power Board Multiple Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52065 Hoch Invision Power Board Pop Parameter Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52062 Hoch Invision Power Board SSI.PHP Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52061 Hoch Invision Power Board Potential IP Address Spoofing

1.3.6.1.4.1.25623.1.0.52060 Hoch Invision Power Board Index.php Query XSS

1.3.6.1.4.1.25623.1.0.52059 Mittel Invision Power Board Referer Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52048 Mittel Comersus Comersus_Search_Item.ASP Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52035 Hoch ProfitCode PayProCart Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.52019 Mittel Comersus Cart Username Field HTML Injection

1.3.6.1.4.1.25623.1.0.52009 Hoch phpMyAdmin Convcharset Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.51976 Hoch phpMyAdmin Multiple Remote Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.51971 Hoch PBLang Multiple Cross-Site Scripting

1.3.6.1.4.1.25623.1.0.51970 Hoch PaNews Cross-Site Scripting Vulnerability

1.3.6.1.4.1.25623.1.0.51958 Hoch ArGoSoft Mail Server HTML Injection

1.3.6.1.4.1.25623.1.0.51953 Mittel PHP-Fusion Setuser.PHP HTML Injection

1.3.6.1.4.1.25623.1.0.51952 Mittel PHP-Fusion BBCode IMG Tag Script Injection

1.3.6.1.4.1.25623.1.0.51930 Hoch SunShop Shopping cart cross site scripting

1.3.6.1.4.1.25623.1.0.51914 Mittel Icecast Status Display XSS Vulnerability

1.3.6.1.4.1.25623.1.0.51848 Hoch Geeklog 1.3.7 XSS vulnerabilities

1.3.6.1.4.1.25623.1.0.51847 Hoch Geeklog 1.3.5 XSS and script injection attacks

1.3.6.1.4.1.25623.1.0.51780 Hoch Siteman priviledge escalation vulnerability

1.3.6.1.4.1.25623.1.0.51773 Hoch phpBB cross site scripting

1.3.6.1.4.1.25623.1.0.51769 Hoch phpBB search author xss

1.3.6.1.4.1.25623.1.0.51762 Mittel CubeCart Multiple XSS vulnerabilities

1.3.6.1.4.1.25623.1.0.51758 Mittel BiTBOARD cross site scripting vulnerability

1.3.6.1.4.1.25623.1.0.51754 Hoch Siteman Multiple XSS vulnerabilities

ID #	Risk
1.3.6.1.4.1.25623.1.0.60165	Mittel	Wordpress Cross-Site Scripting in wp-admin/edit.php
1.3.6.1.4.1.25623.1.0.60164	Mittel	Wordpress Multiple Cross-Site Scripting Vulnerabilities(2)
1.3.6.1.4.1.25623.1.0.60121	Hoch	eggBlog <= 3.1.0 Multiple XSS vulnerabilities
1.3.6.1.4.1.25623.1.0.57990	Mittel	MyCalendar Multiple Cross-Site Scripting Vulnerabilities
1.3.6.1.4.1.25623.1.0.56995	Mittel	CMSimple Index.PHP Search Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.56977	Mittel	Hosting Controller Error page XSS
1.3.6.1.4.1.25623.1.0.56969	Mittel	DokuWiki Mediamanager Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.56903	Mittel	ArGoSoft Mail Server Pro Webmail Cross Site Scripting
1.3.6.1.4.1.25623.1.0.56894	Mittel	vBulletin Image Upload HTML Injection Vulnerability
1.3.6.1.4.1.25623.1.0.56893	Mittel	VBulletin Event Title HTML Injection Vulnerability
1.3.6.1.4.1.25623.1.0.56892	Mittel	VBulletin Profile.PHP Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.56884	Mittel	vBulletin Showthread.PHP Input Validation
1.3.6.1.4.1.25623.1.0.56883	Mittel	VBulletin Profile.PHP Email Field HTML Injection
1.3.6.1.4.1.25623.1.0.56882	Mittel	vBulletin Vbugs.PHP Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.56880	Mittel	RunCMS < 1.3b Bigshow.PHP Cross Site Scripting
1.3.6.1.4.1.25623.1.0.56879	Mittel	RunCMS < 1.3b ratefile.php Cross Site Scripting
1.3.6.1.4.1.25623.1.0.56872	Mittel	UBB.threads <= 6.5.3 Cross Site Scripting
1.3.6.1.4.1.25623.1.0.56844	Mittel	PHPsysInfo File Disclosure Vulnerabilities
1.3.6.1.4.1.25623.1.0.56843	Mittel	PHPsysInfo Multiple Vulnerabilities
1.3.6.1.4.1.25623.1.0.56757	Mittel	E107 Website Cross Site Scripting Vulnerability
1.3.6.1.4.1.25623.1.0.56753	Mittel	CubeCart Arbitrary File Upload Vulnerability
1.3.6.1.4.1.25623.1.0.56752	Mittel	CubeCart Multiple XSS vulnerabilities(3)
1.3.6.1.4.1.25623.1.0.56751	Mittel	CubeCart Multiple XSS vulnerabilities(2)
1.3.6.1.4.1.25623.1.0.56749	Hoch	CuteNews Multiple Cross-Site Scripting Vulnerabilities(2)
1.3.6.1.4.1.25623.1.0.55471	Hoch	S9Y Serendipity Account Hijack Vulnerability
1.3.6.1.4.1.25623.1.0.55368	Hoch	CuteNews Multiple Cross-site Scripting Vulnerabilities
1.3.6.1.4.1.25623.1.0.55367	Mittel	CuteNews show_archives.php Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.55364	Mittel	CuteNews index.php Cross-Site Scripting Vulnerability
1.3.6.1.4.1.25623.1.0.55337	Mittel	phpBB2 Plus 1.52 Multiple vulnerabilities
1.3.6.1.4.1.25623.1.0.55301	Mittel	Drupal Cross-Site Scripting Vulnerability
1.3.6.1.4.1.25623.1.0.55296	Mittel	phpBB <= 2.0.16 Nested BBCode cross site scripting
1.3.6.1.4.1.25623.1.0.55264	Mittel	phpMyAdmin < 2.6.4-rc1 Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52756	Mittel	YaBB Remote UsersRecentPosts Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52746	Mittel	Wordpress Multiple Cross-Site Scripting Vulnerabilities
1.3.6.1.4.1.25623.1.0.52742	Hoch	Wordpress Multiple Cross-Site Scripting Vulnerabilities
1.3.6.1.4.1.25623.1.0.52735	Mittel	S9Y Serendipity Exit.PHP HTTP Response Splitting
1.3.6.1.4.1.25623.1.0.52727	Mittel	S9Y Serendipity Cross Site Scripting
1.3.6.1.4.1.25623.1.0.52117	Mittel	Koobi CMS Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52102	Mittel	Kayako ESupport Index.PHP Multiple XSS
1.3.6.1.4.1.25623.1.0.52079	Mittel	Coppermine Photo Gallery X-Forwarded-For HTML Injection
1.3.6.1.4.1.25623.1.0.52071	Hoch	Invision Power Board Insecure Permissions
1.3.6.1.4.1.25623.1.0.52067	Hoch	Invision Power Board Multiple Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52065	Hoch	Invision Power Board Pop Parameter Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52062	Hoch	Invision Power Board SSI.PHP Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52061	Hoch	Invision Power Board Potential IP Address Spoofing
1.3.6.1.4.1.25623.1.0.52060	Hoch	Invision Power Board Index.php Query XSS
1.3.6.1.4.1.25623.1.0.52059	Mittel	Invision Power Board Referer Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52048	Mittel	Comersus Comersus_Search_Item.ASP Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52035	Hoch	ProfitCode PayProCart Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.52019	Mittel	Comersus Cart Username Field HTML Injection
1.3.6.1.4.1.25623.1.0.52009	Hoch	phpMyAdmin Convcharset Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.51976	Hoch	phpMyAdmin Multiple Remote Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.51971	Hoch	PBLang Multiple Cross-Site Scripting
1.3.6.1.4.1.25623.1.0.51970	Hoch	PaNews Cross-Site Scripting Vulnerability
1.3.6.1.4.1.25623.1.0.51958	Hoch	ArGoSoft Mail Server HTML Injection
1.3.6.1.4.1.25623.1.0.51953	Mittel	PHP-Fusion Setuser.PHP HTML Injection
1.3.6.1.4.1.25623.1.0.51952	Mittel	PHP-Fusion BBCode IMG Tag Script Injection
1.3.6.1.4.1.25623.1.0.51930	Hoch	SunShop Shopping cart cross site scripting
1.3.6.1.4.1.25623.1.0.51914	Mittel	Icecast Status Display XSS Vulnerability
1.3.6.1.4.1.25623.1.0.51848	Hoch	Geeklog 1.3.7 XSS vulnerabilities
1.3.6.1.4.1.25623.1.0.51847	Hoch	Geeklog 1.3.5 XSS and script injection attacks
1.3.6.1.4.1.25623.1.0.51780	Hoch	Siteman priviledge escalation vulnerability
1.3.6.1.4.1.25623.1.0.51773	Hoch	phpBB cross site scripting
1.3.6.1.4.1.25623.1.0.51769	Hoch	phpBB search author xss
1.3.6.1.4.1.25623.1.0.51762	Mittel	CubeCart Multiple XSS vulnerabilities
1.3.6.1.4.1.25623.1.0.51758	Mittel	BiTBOARD cross site scripting vulnerability
1.3.6.1.4.1.25623.1.0.51754	Hoch	Siteman Multiple XSS vulnerabilities