ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities

Hacker Research Topics

web-security

ece_home_project

ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities

Exploit Title: ECE Projects /suchergebnis/? tx_solr[q] Parameter XSS (Cross-site Scripting) Security Vulnerabilities

Vendor: ECE Projektmanagement G.m.b.H. & Co. KG (ECE)

Product: ECE Projects

Vulnerable Versions:

Tested Version:

Advisory Publication: April 01, 2015

Latest Update: April 01, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

Suggestion Details:



(1) Vendor & Product Description:

Vendor:

ECE Projektmanagement G.m.b.H. & Co. KG (ECE)

Product & Version:

All Projects – Shopping & Office, Traffic, Industries, Hotel, Residential

Vendor URL & download:

ECE Projects can be obtained from here,

http://www.ece.com/en/projects/all-projects/

Google Dork:

ECE Projektmanagement GmbH & Co. KG

Product Introduction Overview:

“ECE develops, builds, and manages large commercial properties in the business areas Shopping, Office, Traffic, and Industries…

View original post 詳見內文:約403字

廣告

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com Logo

您的留言將使用 WordPress.com 帳號。 登出 / 變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 / 變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 / 變更 )

Google+ photo

您的留言將使用 Google+ 帳號。 登出 / 變更 )

連結到 %s