Search
Find a vulnerability
Search criteria
4 vulnerabilities found for storegrid by vembu
CVE-2014-10079 (GCVE-0-2014-10079)
Vulnerability from nvd – Published: 2019-02-23 14:00 – Updated: 2024-08-06 14:02
VLAI
Summary
In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the "ipaddress" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://packetstormsecurity.com/files/127786/Vemb… | x_refsource_MISC |
| https://cxsecurity.com/issue/WLB-2018120091 | x_refsource_MISC |
| https://seclists.org/fulldisclosure/2014/Aug/8 | x_refsource_MISC |
| https://www.exploit-db.com/exploits/46549/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2019-02-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:02:38.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the \"ipaddress\" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-16T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the \"ipaddress\" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html"
},
{
"name": "https://cxsecurity.com/issue/WLB-2018120091",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"name": "https://seclists.org/fulldisclosure/2014/Aug/8",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46549/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-10079",
"datePublished": "2019-02-23T14:00:00.000Z",
"dateReserved": "2019-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:02:38.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-10078 (GCVE-0-2014-10078)
Vulnerability from nvd – Published: 2019-02-23 14:00 – Updated: 2024-08-06 14:02
VLAI
Summary
Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://cxsecurity.com/issue/WLB-2018120091 | x_refsource_MISC |
| https://seclists.org/fulldisclosure/2014/Aug/8 | x_refsource_MISC |
| https://www.exploit-db.com/exploits/46549/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2019-02-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:02:38.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-16T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cxsecurity.com/issue/WLB-2018120091",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"name": "https://seclists.org/fulldisclosure/2014/Aug/8",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46549/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-10078",
"datePublished": "2019-02-23T14:00:00.000Z",
"dateReserved": "2019-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:02:38.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-10078 (GCVE-0-2014-10078)
Vulnerability from cvelistv5 – Published: 2019-02-23 14:00 – Updated: 2024-08-06 14:02
VLAI
Summary
Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://cxsecurity.com/issue/WLB-2018120091 | x_refsource_MISC |
| https://seclists.org/fulldisclosure/2014/Aug/8 | x_refsource_MISC |
| https://www.exploit-db.com/exploits/46549/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2019-02-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:02:38.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-16T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cxsecurity.com/issue/WLB-2018120091",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"name": "https://seclists.org/fulldisclosure/2014/Aug/8",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46549/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-10078",
"datePublished": "2019-02-23T14:00:00.000Z",
"dateReserved": "2019-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:02:38.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-10079 (GCVE-0-2014-10079)
Vulnerability from cvelistv5 – Published: 2019-02-23 14:00 – Updated: 2024-08-06 14:02
VLAI
Summary
In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the "ipaddress" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://packetstormsecurity.com/files/127786/Vemb… | x_refsource_MISC |
| https://cxsecurity.com/issue/WLB-2018120091 | x_refsource_MISC |
| https://seclists.org/fulldisclosure/2014/Aug/8 | x_refsource_MISC |
| https://www.exploit-db.com/exploits/46549/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2019-02-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:02:38.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the \"ipaddress\" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-16T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46549/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the \"ipaddress\" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/127786/Vembu-Backup-Disaster-Recovery-6.1-Follow-Up.html"
},
{
"name": "https://cxsecurity.com/issue/WLB-2018120091",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2018120091"
},
{
"name": "https://seclists.org/fulldisclosure/2014/Aug/8",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2014/Aug/8"
},
{
"name": "46549",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46549/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-10079",
"datePublished": "2019-02-23T14:00:00.000Z",
"dateReserved": "2019-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:02:38.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}