s4squatch vulnerabilities and exploits

(subscribe to this query)

Cisco Collaboration Server (CCS) 5 allows remote malicious users to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejhtml, (2) changing .jhtml to .jhtm%6C, (3) appending %00 after .jhtml, and (...

Cisco Collaboration Server 5.0

1 EDB exploit

SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.

Ibm Rational Clearquest 7.0.0.0 Ibm Rational Clearquest 7.0.0.1

1 EDB exploit

Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote malicious users to inject arbitrary web script or HTML via the dest parameter.

Cisco Collaboration Server 5.0

1 EDB exploit

CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party in...

Javascript Xerver Http Server 4.31 Javascript Xerver Http Server 4.32

1 EDB exploit

Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote malicious users to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118.

2 EDB exploits

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook