140 matches found
Command injection
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL...
CVE-2022-24295
CVE-2022-24295 affects Okta Advanced Server Access Client for Windows prior to version 1.57.0. A command-injection vulnerability exists via a specially crafted URL. The root cause cited in multiple sources is lack of filtering/escaping of URL parameters, enabling remote command execution. CVSSv3....
PT-2022-16587 · Okta · Okta Advanced Server Access Client
Name of the Vulnerable Software and Affected Versions: Okta Advanced Server Access Client for Windows versions prior to 1.57.0. Description: The issue is related to command injection via a specially crafted URL. Recommendations: For versions prior to 1.57.0, update to version 1.57.0 or later to...
Security Bulletin: EDB PostgreSQL with IBM, EDB Postgres Advanced Server with IBM, IBM Data Management Platform (Enterprise, Standard) are vulnerable to an SQL Injection (CVE-2021-23214)
Summary: EDB PostgreSQL with IBM and EDB Postgres Advanced Server with IBM are vulnerable to an SQL injection vulnerability. Vulnerability Details: CVEID: CVE-2021-23214. DESCRIPTION: PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements when the server is configur...
CVE-2019-10016
GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring...
Cross-site scripting
GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring...
CVE-2019-10016
CVE-2019-10016 affects GForge Advanced Server 6.4.4. The vulnerability is a cross-site scripting (XSS) flaw in the commonsearch.php code path, caused by inadequate filtering of user-submitted HTML in the words parameter. An attacker can remotely exploit the flaw by supplying crafted input via the...
GForge Advanced Server Cross-Site Scripting Vulnerability
GForge Group GForge Advanced Server is a suite of team collaboration and project management software from GForge Group. The software provides project hosting, version control, code review, release management, continuous integration and messaging. A cross-site scripting vulnerability exists in...
Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow Exploit
No description provided by source. Lotus Domino IMAP4 Server Release 6.5.4 / Windows 2000 Advanced Server x86 Remote Exploit Vulnerable: IBM Lotus Domino = 7.0.2 && 6.5.5 FP2 tested 6.5.4 Authors: Dominic Chell & prdelka Exploitation steps: 1 The instruction call dword e...
CVE-2012-1061
SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
SQL injection
SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-1061
CVE-2012-1061 affects GForge Advanced Server 6.0.0 and all versions before 6.0.1. The issue is a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Exploit details, affected subcomponents, and concrete impact are not provided in the...
EnterpriseDB PostgreSQL Plus Advanced Server Authentication Bypass
The DBA Management Server is a browser based Job Scheduling and monitoring environment for database monitoring, profiling, reporting, and querying with the capability of HTML and PDF report generation. An authentication bypass vulnerability has been reported in the DBA Management Server component...
EnterpriseDB PostgreSQL Plus Advanced Server DBA Management Server Authentication Bypass
Added: 03/21/2011. BID: 46662. Background: Postgres Plus Advanced Server is an enterprise database solution. It includes several productivity tools, such as Migration Studio, Postgres Studio, DBA Management Server, and DBA Monitoring Console. Problem: An authentication bypass vulnerability exists in...