Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
Home  Ask the Team  Mailing Lists  Advertising Info  Advisories  About SecuriTeam  Blogs Brought to you by: Suppliers of: Website Testing Tools Network Testing Tools Software Testing Tools SecuriTeam in Your Inbox New vulnerability? New tool? Tell us (Our PGP key). Network Enabled Discount: SecuriTeam5_SANS Promo With Us Subjects of Interest: Vulnerability Management SQL Injection Buffer Overflows Active Network Scanning Fuzzing Fuzzer Report Network Security Network Scanner Pen Testing Security Scanner Scanner Review Fuzzer Review Web Scanner Review	Elefant CMS 'id' Parameter Cross Site Scripting Vulnerability 14 Aug. 2012    Summary Elefant CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.   Credit: The original article can be found at: http://www.securityfocus.com/bid/54805 Free Website Security Scan Free Fuzzer Report Vulnerability Assessment Detect web app vulnerabilities University study comparing the top Accurate and automated scanning Get guidance from professionals. 6 commercially availble fuzzers. for networks of any size.    Details Protect your website! Free Trial, Nothing to install. No interruption of visitors. www.beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  *Elefant CMS 'id' Parameter Cross Site Scripting Vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Elefant CMS 1.2.0 is vulnerable; other versions may also be affected. Vendor Status: Currently we are not aware of any vendor-supplied patches Disclosure Timeline: Initial Release: Aug 03 2012  Comments: blog comments powered by Disqus	Related Articles Wepresent Wipg-1500 Firmware 1.0.3.7 Remote Code Execution Vulnerability Tcpdump Overflow Vulnerability Tcpdump 4.8.1 parsers Overflow Vulnerability Tcpdump 4.8.1 ISO CLNS Overflow Vulnerability Puppetlabs Mcollective-puppet-agent 1.11.0 option Execute Code Vulnerability Phpipam 1.2 Execute Code Cross Site Scripting Vulnerability Oracle Weblogic Server 10.3.6.0 takeover Remote Code Execution Vulnerability Oracle Universal Work Queue 12.1.1 accessible Remote Code Execution Vulnerability Oracle Siebel Ui Framework 16.1 update delete insert Remote Code Execution Vulnerability Oracle Partner Management 12.1.1 HTTP Remote Code Execution Vulnerability Oracle One-to-one Fulfillment 12.1.2 HTTP Remote Code Execution Vulnerability Oracle Mysql 5.7.16 unauthorized Remote Code Execution Vulnerability Oracle Marketing 12.1.1 Base Remote Code Execution Vulnerability Oracle JRE 1.6 web service Remote Code Execution Vulnerability Oracle Flexcube Universal Banking 12.2.0 Denial Of Service Vulnerability Oracle Flexcube Private Banking 12.0.1 CVSS Remote Code Execution Vulnerability Oracle Advanced Outbound Telephony 12.1.3 unauthorized Remote Code Execution Vulnerability Mybb Merge System 1.8.6 MyBulletinBoard Cross Site Scripting Vulnerability Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability Wireshark Overflow Vulnerability  Featured Articles Oracle Partner Management 12.1.1 HTTP Remote Code Execution Vulnerability Mp3splt 2.6.2 crafted Denial Of Service Vulnerability Trend Micro Smart Protection Server 3 webapps Execute Code Vulnerability Wordpress 4.7.1 commands Execute Code Sql Injection Vulnerability Oracle Istore 12.1.1 Successful Remote Code Execution Vulnerability Samsung Knox 1.0 Remote Code Execution Vulnerability Rapid7 Metasploit 4.13.0-2017012501 application Remote Code Execution Vulnerability Cisco IOS 15.2(2)e3 Denial Of Service Obtain Information Vulnerability Oracle Knowledge Management 12.1.1 critical data Remote Code Execution Vulnerability Siemens Sinumerik Integrate Operate Client modify Obtain Information Vulnerability Trend Micro Smart Protection Server 2.6 commands Execute Code Vulnerability Google Android 7.1.0 Mediaserver Execute Code Overflow Memory corruption Vulnerability Cisco Netflow Generation Appliance 1.0(2) Cross Site Scripting Vulnerability Adobe Acrobat Dc 15.006.30244 Execute Code Overflow Vulnerability Google Android 6.0.1 context Execute Code Overflow Memory corruption Vulnerability Cisco Unified Communications Manager 11.5(1.12000.1) Cross Site Scripting Bypass a restriction or similar Vulnerability Adobe Acrobat Dc 15.006.30244 Execute Code Overflow Memory corruption Vulnerability Oracle Marketing 12.2.6 Base Score Remote Code Execution Vulnerability Google Android 7 context Execute Code Overflow Memory corruption Vulnerability Cisco Webex Meeting Center Wbs28 Base Remote Code Execution Vulnerability
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®