Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-3933

Malware in sbrugna...

6.1CVSS6.1AI score0.05947EPSS
Exploits5References5
VulnCheck KEV
VulnCheck KEV
added 2024/09/19 12:0 a.m.8 views

VulnCheck KEV: CVE-2015-3897

Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. dot dot in the theme parameter and a file path in the location parameter to bonita/portal/themeResource...

5CVSS5.9AI score0.17681EPSS
Exploits5References1
NVD
NVD
added 2018/02/28 9:29 p.m.29 views

CVE-2015-3898

Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to 1 bonita/login.jsp or 2 bonita/loginservice...

6.1CVSS6.3AI score0.05947EPSS
Exploits5References3
Prion
Prion
added 2018/02/28 9:29 p.m.17 views

Open redirect

Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to 1 bonita/login.jsp or 2 bonita/loginservice...

5.8CVSS7.2AI score0.05947EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/02/28 9:0 p.m.35 views

CVE-2015-3898

Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to 1 bonita/login.jsp or 2 bonita/loginservice...

6.3AI score0.05947EPSS
Exploits5References3
CVE
CVE
added 2018/02/28 9:0 p.m.75 views

CVE-2015-3898

CVE-2015-3898 refers to open redirect vulnerabilities in Bonita BPM Portal prior to 6.5.3. The flaw allows remote attackers to redirect users to arbitrary sites via the redirectUrl parameter on the login flow (bonita/login.jsp and bonita/loginservice). The connected documents confirm the vulnerab...

6.1CVSS6.2AI score0.05947EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2015/06/18 6:59 p.m.27 views

CVE-2015-3897

Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. dot dot in the theme parameter and a file path in the location parameter to bonita/portal/themeResource...

5CVSS6.5AI score0.17681EPSS
Exploits5References3
Prion
Prion
added 2015/06/18 6:59 p.m.15 views

Directory traversal

Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. dot dot in the theme parameter and a file path in the location parameter to bonita/portal/themeResource...

5CVSS7AI score0.17681EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2015/06/18 6:0 p.m.34 views

CVE-2015-3897

Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. dot dot in the theme parameter and a file path in the location parameter to bonita/portal/themeResource...

6.1AI score0.17681EPSS
Exploits5References3
CVE
CVE
added 2015/06/18 6:0 p.m.90 views

CVE-2015-3897

Bonita BPM Portal before 6.5.3 is affected by two concrete issues: (1) Local File Inclusion via themeResource when theme and location contain .., allowing reading arbitrary server files; (2) Open Redirect via redirectUrl parameter, enabling redirection to arbitrary sites after login. The NVD/Nucl...

5CVSS6AI score0.17681EPSS
Exploits5References3Affected Software1
OpenVAS
OpenVAS
added 2015/06/16 12:0 a.m.59 views

Bonita BPM < 6.5.3 Multiple Vulnerabilities

Bonita BPM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:bonitasoft:bonitabpm"; if...

6.1CVSS7AI score0.17681EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2015/06/16 12:0 a.m.11 views

Bonita BPM Detection

Detection of Bonita BPM. The script sends a connection request to the server and attempts to detect Bonita BPM. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7AI score
Exploits0
securityvulns
securityvulns
added 2015/06/14 12:0 a.m.177 views

Arbitrary File Disclosure and Open Redirect in Bonita BPM

Advisory ID: HTB23259 Product: Bonita BPM Vendor: Bonitasoft Vulnerable Versions: 6.5.1 and probably prior Tested Version: 6.5.1 Windows and Mac OS packages Advisory Publication: May 7, 2015 without technical details Vendor Notification: May 7, 2015 Vendor Patch: June 9, 2015 Public Disclosure:...

5.8CVSS6.5AI score0.17681EPSS
Exploits6
CNVD
CNVD
added 2015/06/10 12:0 a.m.4 views

Bonita BPM Path Traversal Vulnerability

Bonita BPM is an open source business process management - workflow suite. A path traversal vulnerability exists in Bonita BPM. Since the input passed to the "bonita/portal/themeResource" URL via the "theme" and "location" HTTP GET parameters is not properly validated as part of the used filename...

5CVSS7AI score0.17681EPSS
Exploits5References1
0day.today
0day.today
added 2015/06/10 12:0 a.m.72 views

Bonita BPM 6.5.1 Directory Traversal / Open Redirect Vulnerabilities

Exploit for php platform in category web applications Product: Bonita BPM Vendor: Bonitasoft Vulnerable Versions: 6.5.1 and probably prior Tested Version: 6.5.1 Windows and Mac OS packages Advisory Publication: May 7, 2015 without technical details Vendor Notification: May 7, 2015 Vendor Patch:...

5CVSS0.17681EPSS
Exploits6
Packet Storm
Packet Storm
added 2015/06/10 12:0 a.m.60 views

Bonita BPM 6.5.1 Directory Traversal / Open Redirect

Advisory ID: HTB23259 Product: Bonita BPM Vendor: Bonitasoft Vulnerable Versions: 6.5.1 and probably prior Tested Version: 6.5.1 Windows and Mac OS packages Advisory Publication: May 7, 2015 without technical details Vendor Notification: May 7, 2015 Vendor Patch: June 9, 2015 Public Disclosure:...

5CVSS6.2AI score0.17681EPSS
Exploits6
Exploit DB
Exploit DB
added 2015/06/10 12:0 a.m.67 views

Bonita BPM 6.5.1 - Multiple Vulnerabilities

Advisory ID: HTB23259 Product: Bonita BPM Vendor: Bonitasoft Vulnerable Versions: 6.5.1 and probably prior Tested Version: 6.5.1 Windows and Mac OS packages Advisory Publication: May 7, 2015 without technical details Vendor Notification: May 7, 2015 Vendor Patch: June 9, 2015 Public Disclosure:...

6.1CVSS6.2AI score0.17681EPSS
Exploits6
exploitpack
exploitpack
added 2015/06/10 12:0 a.m.59 views

Bonita BPM 6.5.1 - Multiple Vulnerabilities

Bonita BPM 6.5.1 - Multiple Vulnerabilities Advisory ID: HTB23259 Product: Bonita BPM Vendor: Bonitasoft Vulnerable Versions: 6.5.1 and probably prior Tested Version: 6.5.1 Windows and Mac OS packages Advisory Publication: May 7, 2015 without technical details Vendor Notification: May 7, 2015...

5.8CVSS6.5AI score0.17681EPSS
Exploits6
htbridge
htbridge
added 2015/05/07 12:0 a.m.524 views

Arbitrary File Disclosure and Open Redirect in Bonita BPM

High-Tech Bridge Security Research Lab two vulnerabilities in Bonita BPM Portal Bonita's web interface running by default on port 8080, which can be exploited by remote non-authenticated attacker to compromise the vulnerable web application and the web server on which it is hosted. 1 Path Travers...

7.8CVSS0.1AI score0.17681EPSS
Exploits6Affected Software1
Rows per page
Query Builder