
CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

30 Apr 2008 — Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. NOTE: this is different than CVE-2005-1118, but it might be the same as CVE-2008-1470. • http://secunia.com/advisories/14954 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

30 Apr 2008 — Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url parameter to a Redirect action. • http://securityreason.com/securityalert/3850 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 3

24 Mar 2008 — Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118. • https://www.exploit-db.com/exploits/31411 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 • EPSS: 3% • CPEs: 1 • EXPL: 0

29 Oct 2007 — Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. • http://osvdb.org/38298 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Sep 2007 — Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username field. • http://osvdb.org/37099 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 10.0 • EPSS: 1% • CPEs: 5 • EXPL: 0

15 Jul 2007 — Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491. • http://dvlabs.tippingpoint.com/advisory/TPTI-07-12

CVSS: 5.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

26 Sep 2006 — RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows privileged local users to hide malicious Certificate Authority (CA) activities by modifying CA auditor logs without detection by (1) modifying or deleting a and its signature from the XML log in a way that is not detected by the integrity check function that operates on the entire pool, or (2) modifying entries in the live log file, which is only signed during rotation. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049592.html

CVSS: 9.8 • EPSS: 74% • CPEs: 2 • EXPL: 4

31 Dec 2005 — Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method. • https://www.exploit-db.com/exploits/16358

CVSS: 6.1 • EPSS: 0% • CPEs: 4 • EXPL: 2

27 Oct 2005 — Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation. • https://www.exploit-db.com/exploits/26398

CVSS: 8.8 • EPSS: 3% • CPEs: 3 • EXPL: 0

06 May 2005 — Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data. • http://marc.info/?l=full-disclosure&m=111537013104724&w=2