Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.804543
Category:Web application abuses
Title:ClipBucket Multiple Vulnerabilities
Summary:This host is installed with ClipBucket and is prone to multiple; vulnerabilities.
Description:Summary:
This host is installed with ClipBucket and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Input passed via multiple parameters to multiple scripts is not properly
sanitised before being returned to the user. Please see the references for more information.

Vulnerability Impact:
Successful exploitation will allow attacker to execute arbitrary HTML or
script code and manipulate SQL queries in the backend database allowing
for the manipulation or disclosure of arbitrary data.

Affected Software/OS:
ClipBucket version 2.6, Other versions may also be affected.

Solution:
Apply the patch from the referenced link.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-6642
http://osvdb.org/78199
http://secunia.com/advisories/47474
Common Vulnerability Exposure (CVE) ID: CVE-2012-6643
BugTraq ID: 51321
http://www.securityfocus.com/bid/51321
http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt
http://osvdb.org/78201
http://osvdb.org/78202
XForce ISS Database: clipbucket-multiple-xss(72245)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72245
Common Vulnerability Exposure (CVE) ID: CVE-2012-6644
http://www.exploit-db.com/exploits/18341
http://osvdb.org/78193
http://osvdb.org/78194
http://osvdb.org/78195
http://osvdb.org/78196
http://osvdb.org/78197
http://osvdb.org/78198
http://osvdb.org/78200
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.