178 matches found
PT-2021-4998 · Mcafee · Mcafee Data Loss Prevention (Dlp) Epo Extension
Name of the Vulnerable Software and Affected Versions: McAfee Data Loss Prevention ePO extension versions prior to 11.7.100 Description: The issue is related to a lack of protection for the web page structure, allowing for cross-site scripting XSS attacks. This can enable a remote attacker to...
ClinicCases SQL注入漏洞
ClinicCases is an open source case management system designed for law school clinics. ClinicCases version 7.3.3 suffers from a SQL injection vulnerability that allows a low-privilege attacker to execute arbitrary SQL commands via vulnerable parameters...
CVE-2020-26251
Open Zaak (version prior to 1.3.3) had a wide-open CORS policy allowing any client, which could enable cross-origin scripts to access the API. The CVE notes that Open Zaak 1.3.3 disables CORS by default, with opt-in possible via environment variables. The publicly provided documents state that ex...
McAfee Data Loss Prevention ePO extension code issue vulnerability
McAfee Data Loss Prevention Endpoint DLPe is an integrated endpoint data protection solution from McAfee, Inc. that prevents theft and accidental disclosure of confidential data and provides security policies for file processing and transmission, shared data flow control and data encryption. The...
CVE-2020-7302
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention DLP ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking...
CVE-2020-7301
Cross Site scripting vulnerability in McAfee Data Loss Prevention DLP ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case management section...
Kirjuri - Web Application For Managing Cases And Physical Forensic Evidence Items
Kirjuri is a simple php/mysql web application for managing physical forensic evidence items. It is intended to be used as a workflow tool from receiving, booking, note-taking and possibly reporting findings. It simplifies and helps in case management when dealing with a large or small! number of...
KMCIS CaseAware Cross-Site Scripting Vulnerability
KMCIS CaseAware is a single solution for default case management. A cross-site scripting vulnerability exists in the login.php file in KMCIS CaseAware. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Automated Security Response: Falcon Orchestrator
CrowdStrike Falcon Orchestrator is an extendable Windows-based application that provides workflow automation, case management and security response functionality. The tool leverages the highly extensible APIs contained within the CrowdStrike Falcon Connect program. Falcon Orchestrator has only be...
EMC RSA Adaptive Authentication Cross-Site Scripting Vulnerability (CNVD-2016-08081)
EMC RSA Adaptive Authentication On-Premise is a comprehensive, risk-based authentication and fraud detection platform from EMC Corporation.Case Management application is one of the applications used to study and analyze cases. A cross-site scripting vulnerability exists in the Case Management...
CVE-2016-0925
Cross-site scripting XSS vulnerability in the Case Management application in EMC RSA Adaptive Authentication On-Premise before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authenticated users to inject arbitrary web script or...
CVE-2016-0925
The CVE-2016-0925 entry describes a cross-site scripting (XSS) vulnerability in the Case Management component of EMC RSA Adaptive Authentication (On-Premise). Affected versions include 6.0.2.1.SP3.P4 HF210; 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50; and 7.2.x before 7.2.0.0.SP0.P0 HF20. The issu...
VU Case Manager Authentication Bypass
No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...
CVE-2014-0637
CVE-2014-0637 is an XSS vulnerability in RSA Adaptive Authentication (On-Premise) back-office case-management, affecting 6.x and 7.x up to 7.1 SP0 P2. The issue allows remote authenticated users to inject arbitrary script/HTML via unspecified vectors. A fix is package 7.1 SP0 P2; RSA recommends u...
Mobius Forensic Toolkit v0.5.8 Released
Mobius Forensic Toolkit v0.5.8 Released Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tool...
Mobius Forensic Toolkit v0.5.7 released !
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tool. Changelog Six news registry reports were...
VU Case Manager - Authentication Bypass
VU Case Manager - Authentication Bypass 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...
[SA15743] Legal Case Management System Log File Disclosure
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...