15 matches found
AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting
AcuToWeb server/10.5.0.7577c8b is vulnerable to reflected cross-site scripting XSS via the portgw parameter. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2024-42852 info: name: AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting author:...
EUVD-2019-7555
Malware in sbrugna...
VulnCheck KEV: CVE-2024-42852
Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...
CVE-2024-42852
Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...
CVE-2019-17087
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under...
CVE-2024-42852
Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...
Micro Focus AcuToWeb 安全漏洞
Micro Focus AcuToWeb is a web and mobile deployment solution for a suite of ACUCOBOL applications from Micro Focus, UK. A security vulnerability exists in Micro Focus AcuToWeb version v.10.5.0.7577C8b, which stems from vulnerability to a reflective cross-site scripting attack that allows remote...
PT-2024-30185 · Unknown · Acutoweb Server
Name of the Vulnerable Software and Affected Versions: AcuToWeb server version 10.5.0.7577C8b Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the "index.php" component. This enables the attacker to perform unauthorized actions on the affected syste...
CVE-2024-42852
AcuToWeb server 10.5.0.7577C8b is vulnerable to reflected XSS via the portgw parameter. Unsanitized input is reflected in the response, allowing arbitrary JavaScript execution in a victim’s browser. Root cause: insufficient input validation/output encoding for portgw. Impact: arbitrary JS executi...
Micro Focus AcuToWeb Information Disclosure Vulnerability
Micro Focus AcuToWeb is a suite of web and mobile deployment solutions for ACUCOBOL applications from Micro Focus UK. An information disclosure vulnerability exists in Micro Focus AcuToWeb all supported versions. An attacker could exploit this vulnerability to enumerate files on the file system...
CVE-2019-17087
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under...
CVE-2019-17087
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under...
Arbitrary file deletion
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under...
CVE-2019-17087
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under...
CVE-2019-17087
The CVE-2019-17087 entry describes an Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb, allowing enumeration/download of filesystem files with AcuToWeb’s running account privileges. The connected documents do not provide concrete technical details (root c...