24 matches found
SQL injection
A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
PT-2022-23204 · Blue Prism · Blue Prism Enterprise
Name of the Vulnerable Software and Affected Versions: Blue Prism Enterprise versions 6.0 through 7.01 Description: An issue allows an authenticated user to reverse engineer the software and circumvent access controls for the setValidationInfo administrative function in a misconfigured environmen...
PT-2022-23208 · Blue Prism · Blue Prism Enterprise
Name of the Vulnerable Software and Affected Versions: Blue Prism Enterprise versions 6.0 through 7.01 Description: The issue allows an authenticated user to reverse engineer the software and circumvent access controls for the getChartData administrative function in a misconfigured environment th...
PT-2021-8827 · Sap · Sap J2Ee Engine
Name of the Vulnerable Software and Affected Versions: SAP J2EE Engine version 7.01 Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script via the wsdlPath parameter to "/ctcprotocol/Protocol". This issue only affects products that are no longer...
GE Grid Solutions UR Trust Management Issue Vulnerability
GE Grid Solutions UR is an embedded operating system from GE Grid Solutions, France. It provides high-performance protection, scalable I/O, integrated monitoring and metering, high-speed communications, and extensive programming and configuration capabilities. A trust management issue vulnerabili...
CVE-2021-21488
CVE-2021-21488 affects SAP NetWeaver Knowledge Management Configuration Service versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50. The issue is insecure deserialization of user-controlled data by a remote attacker with basic privileges, leading to attacker-controlled code execution and an impact on ava...
CVE-2013-1593
A Denial of Service vulnerability exists in the WRITEC function in the msgserver.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN...
CVE-2018-2448
Under certain conditions SAP SRM-MDM CATALOG versions 3.0, 7.01, 7.02 utilities functionality allows an attacker to access information of user existence which would otherwise be restricted...
CVE-2018-2380
SAP CRM, 7.01, 7.02, 7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing “traverse to parent directory” are passed through to the file APIs. Recent assessments: Assessed Attacker Value: 0 Assessed Attacke...
Linux/x86-64 - Ncat Shellcode (SSL, MultiChannel, Persistant, Fork, IPv4/6, Password) (176 bytes)
// Exploit Title: Linux 64bit Ncat + SSL + MultiChannel + Persistant + Fork + IPv4/6 + Password 176byte // Date: 7/5/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: Ncat: Version 7.01 // OffSec ID: OS-20614 // http://50.112.22.183/...
Solaris 10 (sparc) : 145711-07 (deprecated)
Convergence 2.0-7.01: core patch. Date this patch was last updated by Sun : Dec/02/13 This plugin has been deprecated and either replaced with individual 145711 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...
FileCOPA FTP Server - Remote Denial of Service
FileCOPA FTP Server - Remote Denial of Service source: https://www.securityfocus.com/bid/60909/info FileCOPA FTP Server is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. FileCOPA FTP Serve...
FileCOPA FTP Server - Remote Denial of Service
source: https://www.securityfocus.com/bid/60909/info FileCOPA FTP Server is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. FileCOPA FTP Server 7.01 is vulnerable; other versions may also b...
Tiki Wiki CMS Groupware 8.1 / 6.4 LTS Cross Site Scripting
Advisory: Tiki Wiki CMS Groupware Stored Cross-Site-Scripting Advisory ID: INFOSERVE-ADV2011-07 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Tiki 8.1 & 6.4 LTS affects all current releases Vendor URL: http://info.tiki.org/ Vendor Status: fixed...
Tiki Wiki CMS Groupware 8.1 - 'show_errors' HTML Injection
source: https://www.securityfocus.com/bid/51128/info Tiki Wiki CMS Groupware is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the...
Novell Groupwise Webaccess - Stack Overflow
Novell Groupwise Webaccess - Stack Overflow Application: Novell Groupwise Webaccess Stack Overflow Platforms: Windows, Linux & Netware GroupWise 7.0, 7.01, 7.02, 7.03x, 7.04, 8.0, 8.01x Exploitation: Remote code execution CVE Number: Novell TID: 7006380 Author: Francis Provencher Protek Research...
Heap overflow
Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header,...
F-Secure Product(s) Integer Overflow Vulnerability (Linux)
This host is installed with F-Secure Products and is prone to Integer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbfsecureprdtsintoverflowvulnlin.nasl 6516 2017-07-04 12:20:47Z cfischer $ F-Secure Products Integer Overflow Vulnerability Linux Authors: Sharath S Copyright: Copyright c...
Design/Logic Flaw
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program,...
F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service
source: https://www.securityfocus.com/bid/24233/info F-Secure Policy Manager is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected conditions. Exploiting this issue allows remote attackers to crash affected applications, denying further...