EUVD-2020-30323

Malware in sbrugna...

Cross site scripting

Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML...

CVE-2020-11845

The CVE-2020-11845 entry concerns a Cross Site Scripting vulnerability in Micro Focus Service Manager. Affected versions include 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, and 9.63. The provided documents describe that remote attackers could inject arbitrary web script or HTML, but they do not specify t...

Design/Logic Flaw

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

CVE-2020-9519

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

CVE-2020-9519

The CVE-2020-9519 entry concerns Micro Focus Service Manager (server) with an exposure of configuration data. Affected versions are 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, and 9.63. The documents indicate the issue arises from handling HTTP methods in web services, enabling partial confid...

CVE-2020-9517

Technical details about CVE-2020-9517 are not publicly available in the provided documents. Monitor for updates from vendors and advisories; current entries describe a UI redress vulnerability in Micro Focus Service Manager Release Control 9.50/9.60 without specifics.

SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:3068-1)

This update for java-170-ibm fixes the following issues : - Version update to 7.0-9.60 bsc1009280, bsc992537 fixing the following CVE's: CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542 Note that Tenable Network Security has extracted the preceding...

Opera Remote Code Execution and Information Disclosure Vulnerabilities (Linux)

The host is installed with Opera Web Browser and is prone to remote code execution and information disclosure Vulnerabilities. OpenVAS Vulnerability Test $Id: gboperainfodiscncodeexeclin.nasl 6539 2017-07-05 12:02:14Z cfischer $ Opera Remote Code Execution and Information Disclosure Vulnerabiliti...

Opera 9.52/9.60 Stored Cross Site Scripting Code Exec PoC

No description provided by source. !-- Just found a way to use Stefano’s opera:config idea to execute code from remote. Instead of changing the HTTP Proxy, an attacker can change the default external mail application to “\evil\malware.exe ”, or to local commands e.g. ftp.exe which can be used to...

Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution

bb var z=null; function x window.setTimeout"z=window.open'opera:historysearch?q=%2A';window.focus;",1500; window.setTimeout"z.close;",3000; window.setTimeout"location.href='mailto:'",3000; " onclick="x"Click me... s=document.createElement"IFRAME"; s.src="opera:config"; document.body.appendChilds;...

Opera Web Browser 8.51 - URI redirection Remote Code Execution

Opera Web Browser 8.51 - URI redirection Remote Code Execution source: https://www.securityfocus.com/bid/31631/info Opera Web Browser is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the...