CVE-2023-23192

CVE-2023-23192 affects IS Decisions UserLock MFA 11.01. The issue is an authentication bypass exploitable via scheduled tasks, enabling attackers with high privileges and no user interaction to compromise confidentiality, integrity, and availability. The NVD metrics indicate a network-accessible,...

PT-2023-18873 · Is Decisions · Is Decisions Userlock Mfa

Name of the Vulnerable Software and Affected Versions: IS Decisions UserLock MFA version 11.01 Description: The issue allows for authentication bypass through the use of scheduled tasks. Recommendations: For IS Decisions UserLock MFA version 11.01, at the moment, there is no information about a...

SUSE CVE-2011-0686

Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service application crash via unknown content on a web page, as demonstrated by vkontakte.ru...

SUSE CVE-2011-0685

The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation...

Siemens SICAM RTU Devices Denial-of-Service Vulnerability

OVERVIEW Stephan Beirer, Markus Mahrla, Toralf Gimpel, and Sebastian Krause, from GAI NetConsult GmbH, and Adam Crain of Automatak LLC have identified a denial-of-service vulnerability in Siemens SICAM products. Siemens has produced a firmware update to mitigate this vulnerability. This...

Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection

Dell Sonicwall Scrutinizer version 11.01 is vulnerable to an authenticated SQL injection that allows an attacker to write arbitrary files to the file system. This vulnerability can be used to write a PHP script to the file system to gain remote command execution. Metasploit module included. Dell...

Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection

Dell Scrutinizer 11.01 several vulnerabilities http://www.mysonicwall.com has a trial available. Dell Sonicwall Scrutinizer suffers from several SQL injections, many of which can end up with remote code execution. An attacker needs to be authenticated, but not as an administrator. However, that...

Opera 11.01 NULL PTR Derefernce

No description provided by source. html head titleOpera 11.01 Null Ptr Derefer/title /head body script type=text/JavaScript language=JavaScript / +. Title : Opera 11.01 Null Pointer Derefernce +. Date : 15.03.2011 05:18 +. Author: echo +. Version: 11.01 +. Software link:...

openSUSE Security Update : opera (openSUSE-SU-2011:0103-1)

Opera 11.01 fixes several critical security bugs : - CVE-2011-0681: CVSS v2 Base Score: 4.3 MEDIUM AV:N/AC:M/Au:N/C:N/I:P/A:N: Other CWE-Other - CVE-2011-0682: CVSS v2 Base Score: 9.3 HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C: Buffer Errors CWE-119 - CVE-2011-0683: CVSS v2 Base Score: 4.3 MEDIUM...

Ipswitch IMail 11.01 - Cross-Site Scripting

!/usr/bin/perl Exploit Title: Ipswitch IMail 11.01 XSS Vulnerability Date: 26-04-2013 Author: DaOne aka Mocking Bird Vendor Homepage: http://www.ipswitch.com/ Platform: windows use Net::SMTP; ARGV Check if $ARGV != 2 print "\nUSAGE: IMail.pl \n"; exit; $host = $ARGV0; $attacker = $ARGV1; $victim ...

HP SiteScope Cross Site Scripting and HTML Injection Vulnerabilities

HP SiteScope is prone to cross site scripting and HTML injection vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2011-1727

Cross-site scripting XSS vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue...

HP SiteScope Cross Site Scripting and HTML Injection Vulnerabilities

HP SiteScope is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the context...

HP SiteScope Cross Site Scripting and HTML Injection Vulnerabilities

HP SiteScope is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user- supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the contex...

Opera Web Browser Window空指针引用拒绝服务漏洞

Bugtraq ID: 46872 CNCAN ID：CNCAN-2011031601 Opera Web Browser是一款开放源代码的WEB浏览器。 Opera Web Browser不正确处理特制的WEB页，可导致引用空指针而使应用程序崩溃，造成拒绝服务攻击。 Opera Software Opera Web Browser 11.01 目前没有详细解决方案提供： http://www.opera.com/ html head titleOpera 11.01 Null Ptr Derefer/title /head body script...

Opera 11.01 NULL Pointer Dereference

Opera 11.01 Null Ptr Derefer / +. Title : Opera 11.01 Null Pointer Derefernce +. Date : 15.03.2011 05:18 +. Author: echo +. Version: 11.01 +. Software link: http://www.opera.com/download/ +. Tested on : Win32 xp home sp 2 +. CVE : NULL --------------------------------------- 675B5646 MOV ECX,DWOR...

Opera 11.01 - NULL PTR Dereference

Opera 11.01 Null Ptr Derefer / +. Title : Opera 11.01 Null Pointer Derefernce +. Date : 15.03.2011 05:18 +. Author: echo +. Version: 11.01 +. Software link: http://www.opera.com/download/ +. Tested on : Win32 xp home sp 2 +. CVE : NULL --------------------------------------- 675B5646 MOV ECX,DWOR...

Email passwords are not immediately deleted when deleting private data – Opera Security Advisories

Email passwords are not immediately deleted when deleting private data – Opera Security Advisories OPCOM Team | January 26, 2011 Severity Moderate Description When using “Delete Private Data” and selecting the option to “Clear all email account passwords”, the passwords were not deleted...

Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories

Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories OPCOM Team | January 25, 2011 Severity High Description Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possib...

Large form inputs can allow execution of arbitrary code – Opera Security Advisories

Large form inputs can allow execution of arbitrary code – Opera Security Advisories OPCOM Team | January 25, 2011 Severity Critical Description When certain large form inputs appear on a web page, they can cause Opera to crash. In some cases, the crash can lead to memory corruption, which could b...