Lucene search
K

212 matches found

UbuntuCve
UbuntuCve
added 2009/12/02 4:30 p.m.21 views

CVE-2009-3585

Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same doma...

5.8CVSS5.8AI score0.02745EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/12/02 4:0 p.m.21 views

CVE-2009-3585

Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same doma...

6.3AI score0.02745EPSS
Exploits0References16
CVE
CVE
added 2009/12/02 4:0 p.m.58 views

CVE-2009-4151

CVE-2009-4151 describes a session fixation vulnerability in Best Practical Solutions RT, affecting RT 3.0.0–3.6.9 and RT 3.8.x up to 3.8.5. The issue arises in the SetupSessionCookie path where an attacker can influence the session identifier via HTTP access to the RT server, enabling potential s...

5.8CVSS6.4AI score0.01838EPSS
Exploits0References16Affected Software1
CVE
CVE
added 2009/12/02 4:0 p.m.64 views

CVE-2009-3585

CVE-2009-3585 concerns a session fixation vulnerability in Best Practical Solutions RT 3.0.0–3.6.9 and 3.8.x–3.8.5, in the SetupSessionCookie flow (html/Elements/SetupSessionCookie). The underlying issue allows remote attackers to hijack a user’s web session by manipulating the session identifier...

5.8CVSS6.2AI score0.02745EPSS
Exploits0References16Affected Software1
NVD
NVD
added 2009/11/17 6:30 p.m.19 views

CVE-2009-3892

Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...

4.3CVSS5.7AI score0.01083EPSS
Exploits0References5
Prion
Prion
added 2009/11/17 6:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...

4.3CVSS6.2AI score0.01083EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/11/17 6:0 p.m.25 views

CVE-2009-3892

Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...

5.7AI score0.01083EPSS
Exploits0References5
CVE
CVE
added 2009/11/17 6:0 p.m.52 views

CVE-2009-3892

The CVE-2009-3892 entry corresponds to a cross-site scripting (XSS) vulnerability in Best Practical Solutions RT (Request Tracker) releases in the 3.x line. Versions affected include RT 3.4.6–3.8.4, RT 3.6.x through 3.6.8, and RT 3.8.x through 3.8.4. The root cause is improper handling of input i...

4.3CVSS5.8AI score0.01083EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2008/08/06 6:41 p.m.16 views

CVE-2008-3502

Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service CPU or memory consumption via unspecified vectors related to the Devel::StackTrace module for Perl...

4CVSS6.3AI score0.01116EPSS
Exploits0References4
Prion
Prion
added 2008/08/06 6:41 p.m.13 views

Design/Logic Flaw

Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service CPU or memory consumption via unspecified vectors related to the Devel::StackTrace module for Perl...

4CVSS6.8AI score0.01116EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/08/06 6:0 p.m.46 views

CVE-2008-3502

CVE-2008-3502 affects Best Practical Solutions RT versions 3.0.0 through 3.6.6. The vulnerability is described as an unspecified issue related to the Perl Devel::StackTrace module that allows remote authenticated users to cause a denial of service via unspecified vectors, potentially consuming CP...

4CVSS6.3AI score0.01116EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/08/06 6:0 p.m.19 views

CVE-2008-3502

Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service CPU or memory consumption via unspecified vectors related to the Devel::StackTrace module for Perl...

6.3AI score0.01116EPSS
Exploits0References4
Rows per page
Query Builder