[FD] XSS Reflected vulnerabilities in OS of FortiADC v3.2 (CVE-2014-0331)

2014-04-03 Thread William Costa
P of the device. An Administrator needs an authenticated connection to the device. VII. SYSTEMS AFFECTED - FortiADC 3.2.0 and lower. VIII. SOLUTION - Upgrade to FortiADC 3.2.1 or higher. IX. References ----- http://ww

[FD] Reflected XSS Attacks vulnerabilities F-Secure Messaging Security Gateway V7.5.0.892 (CVE-2014-2844)

2014-04-16 Thread William Costa
I. VULNERABILITY - Reflected XSS Attacks vulnerabilities F-Secure Messaging Security Gateway V7.5.0.892 II. BACKGROUND - F-Secure Messaging Security Gateway protects your company's confidential data. Users can easily send encrypted e-mails, and

[FD] (CVE-2014-1648) Symantec Messaging Gateway Management Console Cross Site Scripting Vulnerability

2014-04-22 Thread William Costa
I. VULNERABILITY - Reflected XSS Attacks vulnerability in Symantec Messaging Gateway Version 10.5.1 II. BACKGROUND - Symantec Corporation is an American computer security, backup and availability solutions software corporation headquartered in

[FD] Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability (CVE-2014-3115)

2014-05-07 Thread William Costa
References http://www.kb.cert.org/vuls/id/902790 http://www.fortiguard.com/advisory/FG-IR-14-013/ ___ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/

[FD] XSS Attacks vulnerability in InterScan Messaging Security Virtual Appliance 8.5.1.1516 (Zero-DAY)

2014-05-29 Thread William Costa
pgrade your client to ensure safety. Also, they recommended another Trend Micro Product -"OfficeScan" that may be suitable for your environment. I hope this information helps. Please let me know if you have additional questions or clarifications.

[FD] Cisco AsyncOS Cross-Site Scripting Vulnerability CVE-2014-3289

2014-06-09 Thread William Costa
rabilities in Cisco Ironport Email Security Virtual Appliance Version: 8.0.0-671. VII. SOLUTION - http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3289 By William Costa william.co...@gmail.com

[FD] SpamTitan contains a reflected cross-site scripting (XSS) vulnerability CVE-2014-2965

2014-06-23 Thread William Costa
tor needs an authenticated connection to the device. VII. SYSTEMS AFFECTED - Try SpamTitan 6.00 and 6.01 VM and Demo online VIII. SOLUTION - SpamTitan has released a 6.04 patch to address this vulnerability. If you are unable to upgrade,

[FD] Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024)

2014-07-22 Thread William Costa
s enabling full access the box. VI. SYSTEMS AFFECTED - Tested DELL SonicWALL Analyzer v7.2 (build 7220.1700) VII. SOLUTION - https://support.software.dell.com/product-notification/128245 By William Costa william.co...@gmail.com

[FD] XSS Reflected vulnerability in RiverBed Stingray Traffic Manager Virtual Appliance V 9.6

2014-08-15 Thread William Costa
I. VULNERABILITY - XSS Reflected vulnerability in RiverBed Stingray Traffic Manager Virtual Appliance V 9.6 II. BACKGROUND - Silver Peak VX software marries the cost and flexibility benefits of virtualization with the performance gains associated wi

[FD] Reflected XSS Attacks vulnerabilities used MIME Sniffing in Facebook Messenger and Facebook App for iOS.

2014-09-02 Thread William Costa
on 7.1.2, Facebook APP Version 14.0, Messenger Facebook Version 10.0. By William Costa william.costa no spam gmail.com

[FD] CSRF vulnerabilities in CacheGuard-OS v5.7.7 (CVE-2014-4865)

2014-09-10 Thread William Costa
ECTED - Try CacheGuard-OS v5.7.7 VIII. SOLUTION - All functions must be protected by CSRF-Tokens. http://www.kb.cert.org/vuls/id/241508 By William Costa william.costa no spam gmail.com

[FD] Reflected XSS Attacks vulnerabilities in WatchGuard XTM 11.8.3 (CVE-2014-6413)

2014-09-18 Thread William Costa
--- All data received by the application and can be modified by the user, before making any kind of transaction with them must be validated By William Costa william.co...@gmail.com

[FD] XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite (CVE-2014-7157, CVE-2014-7158)

2014-09-26 Thread William Costa
I. VULNERABILITY - XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite II. BACKGROUND - WAN Optimization Suite integrates enterprise-caliber bandwidth acceleration and optimization with best-in-class application network visibili

[FD] XSS Reflected in Page visualization agents in Pandora FMS v5.1SP1 - Revisión PC141031 (CVE-2014-8629)

2014-11-14 Thread William Costa
Pandora FMS v5.1SP1 - Revisión PC141031 VII. SOLUTION - All data received by the application and can be modified by the user, before making any kind of transaction with them must be validated By William Costa william.co...@gmail.com

[FD] XSS Reflected vulnerabilities in Fortimail version 5.2.1 (CVE-2014-8617)

2015-03-01 Thread William Costa
I. VULNERABILITY - XSS Reflected vulnerabilities in Fortimail version 5.2.1 II. BACKGROUND - Fortinet’s industry-leading, Network Security Platforms deliver Next Generation Firewall (NGFW) security with exceptional throughput, ultra low latency, and

[FD] Reflected XSS Attacks vulnerabilities in PFSense Version 2.2.2 (CVE-2015-4029)

2015-07-13 Thread William Costa
ow.frames['xss'].document.getElementsByName('__csrf_magic')[0].value=csrfMagicToken; window.frames['xss'].document.CSRF.submit(); Result, Create new admin user the name test and password 123456 By William Costa william.co...@gmail.com

[FD] XSS stored in PFSense 2.5.0 CVE-2021-27933

2021-04-27 Thread William Costa
I. SYSTEMS AFFECTED - Tested PFSense 2.5.0 VII. SOLUTION - All data received by the application and that can be modified by the user, before making any kind of transaction with them must be validated correctly Upgrade 2.5.1 By William Costa william.co...