Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 18/06/2015 Updated: 15/06/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via a (1) crafted check plugin, the (2) description in a host profile, or the (3) plugin_args parameter to a Test service check page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opsview opsview

# Exploit title: Opsview 462 - Multiple XSS # Date: 07-06-2015 # Vendor homepage: wwwopsviewcom # Version: 462 # CVE: CVE-2015-4420 # Author: Dolev Farhi @dolevf # Tested On: Kali Linux + Windows 7 # Details: # -------- # Opsview is a monitoring system based on Nagios Core Opsview is prone to several stored and reflected XSS vulnerabilities ...

CWE-79 https://www.exploit-db.com/exploits/37271/http://www.securityfocus.com/bid/75223 https://nvd.nist.gov https://www.exploit-db.com/exploits/37271/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-4420

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect