CVE-2016-20034 Wowza Streaming Engine 4.5.0 Privilege Escalation via user edit

Wowza Streaming Engine 4.5.0 contains a privilege escalation vulnerability that allows authenticated read-only users to elevate privileges to administrator by manipulating POST parameters. Attackers can send POST requests to the user edit endpoint with accessLevel set to 'admin' and advUser...

PT-2024-40106 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal versions prior to 8.7.11 Drupal versions 8.8.x prior to 8.8.1 Description: The Media Library module has a security issue where it does not sufficiently restrict access to media items in certain configurations. Recommendations: If you a...

The vulnerability of the Advanced UI component of the Oracle WebCenter Sites application allows a malicious actor to gain access to read, modify, or delete data.

The vulnerability of the Advanced UI component in Oracle WebCenter Sites applications relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, or delete data...

Veeam ONE Cross-Site Scripting Vulnerability

Veeam ONE is a suite of IT monitoring and reporting tools from Veeam USA. The product supports features such as backup monitoring, operational status monitoring of virtual and physical environments. A cross-site scripting vulnerability exists in Veeam ONE versions 11, 11a, and 12, which originate...

SUSE CVE-2012-3183

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a differen...

SUSE CVE-2012-3184

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Advanced UI...

SUSE CVE-2012-3186

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a differen...

Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM

Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal Unified CCMP and Unified Contact Center Domain Manager Unified CCDM that could be exploited by a remote attacker to take control of an affected system. Tracked as...

CVE-2022-20658 Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP and Cisco Unified Contact Center Domain Manager Unified CCDM could allow an authenticated, remote attacker to elevate their privileges to Administrator. This vulnerability is due t...

Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP and Cisco Unified Contact Center Domain Manager Unified CCDM could allow an authenticated, remote attacker to elevate their privileges to Administrator. This vulnerability is due t...

The vulnerability of the Advanced User Interface component of the Oracle WebCenter Sites application allows a malicious actor to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Advanced User Interface component of the Oracle WebCenter Sites application for online user services is related to the lack of protective measures for the website structure. Exploiting this vulnerability may allow an attacker, operating remotely, to modify, add, or delete...

The vulnerability of the Advanced UI interface of Oracle WebCenter Sites for online user services allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Advanced UI interface of Oracle WebCenter Sites for online user services is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP...

The vulnerability of the Advanced UI sub-component of the integrated customer service platform for Internet applications, Oracle WebCenter Sites, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Advanced UI sub-component of the integrated customer service platform for Internet applications, Oracle WebCenter Sites, is related to lack of access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to...

Oracle WebCenter Sites Unauthorized Operation Vulnerability

Oracle Fusion Middleware is a suite of business innovation platforms for enterprise and cloud environments from Oracle Corporation. Oracle WebCenter Sites is a web experience management component that enables marketers and business users to create and manage interactive social online experiences ...

Oracle WebCenter Sites Unauthorized Operation Vulnerability (CNVD-2017-06625)

Oracle Fusion Middleware is a suite of business innovation platforms for enterprise and cloud environments from Oracle Corporation. Oracle WebCenter Sites is a web experience management component that enables marketers and business users to create and manage interactive social online experiences ...

vBulletin Advanced User Tagging Mod - Stored XSS Vulnerability

No description provided by source. Exploit Title: Advanced User Tagging vBulletin - Stored XSS Vulnerability Google Dork: intext:usertagpro Date: 10.07.2013 Exploit Author: 0iZy5 Vendor Homepage: www.backtrack-linux.ro Software Link:...

Claroline 1.x - adminadvancedUserSearch.php?action Cross-Site Scripting

Claroline 1.x - adminadvancedUserSearch.php?action Cross-Site Scripting source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script...

Teach you simple methods to easily crack the super bodyguard of password-vulnerability warning-the black bar safety net

Super bouncer from the market since it is by the majority of computer enthusiasts of welcome, which the disk protection function is amazing, there is one sentence say is“it has Cons”, so powerful function must also have the Cons side. If you forget your super bodyguard system administrator...