t;XSS");
Stored (example):
On posts to 1.append when adding new entries into the wiki, the application
does not properly escape javascript code resulting in a stored cross-site
scripting attack.
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
o%20Building%20Broadband%20Service%20Manager%205.3&treeMdfId=281527126&treeName=Network%20Monitoring%20and%20Management
Download BBSMPatch5332.zip
CVE: CVE-2008-2165
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
mer has addressed the issue in the latest version of MetaGauge:
http://dl.hammer-software.com/metagauge.zip
CVE: CVE-2008-4421
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
has addressed the issue in the latest version.
For more information visit firmchannel.com
CVE: CVE-2008-4931
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
etHost(),
"sfoutbox", "sfoutbox", true, false, mProgressWindow, false, mProxyIP,
mProxyPort, mProxyUser, mProxyPass);
Credit:
Brad Antoniewicz
Email: Brad.Antoniewicz at foundstone.com
Title: ntop <= 3.3.10 Basic Authentication Null Pointer Denial of Service
-
Vendor: ntop
Vendor URL: www.ntop.org
Vendor Response: None
Description:
A denial of service condition can be reached by specifying an inv