557 matches found
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in IBM Cognos Command Center before 10.2 allow remote attackers to hijack the authentication of administrators for requests that 1 start or 2 stop services...
Session fixation
Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie...
CVE-2013-4000
Multiple cross-site request forgery CSRF vulnerabilities in IBM Cognos Command Center before 10.2 allow remote attackers to hijack the authentication of administrators for requests that 1 start or 2 stop services...
CVE-2013-4001
Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie...
CVE-2013-4001
CVE-2013-4001 affects IBM Cognos Command Center (before 10.2) with a session/fixation vulnerability that lets an attacker hijack web sessions via an authorization cookie. The issue is confirmed across multiple sources (NVD/NVD-related entries and IBM security bulletin); IBM states that Cognos Com...
CVE-2013-4000
The CVE-2013-4000 entry concerns IBM Cognos Command Center with multiple CSRF vulnerabilities that allow remote attackers to hijack the administrator session for requests that start or stop services. Affected product: IBM Cognos Command Center prior to version 10.2. The core issue is CSRF in the ...
CVE-2013-3979
Multiple cross-site scripting XSS vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center aka Star Command Center or Star Analytics before 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrary web script or HTML vi...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center aka Star Command Center or Star Analytics before 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrary web script or HTML vi...
CVE-2013-3979
CVE-2013-3979: Multiple XSS vulnerabilities in the Web Client’s help pages (Web\Content\Help) of IBM Cognos Command Center (Star Command Center/Star Analytics) prior to version 10.1, triggered when using Internet Explorer. Exploitation is via unspecified vectors by remote authenticated users; imp...
Astaro Command Center crossite scripting
Multiple crossite scripting vulnerabilities...
Astaro Command Center v2.x - Multiple Web Vulnerabilities
Title: ====== Astaro Command Center v2.x - Multiple Web Vulnerabilities Date: ===== 2012-04-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=4 VL-ID: ===== 4 Introduction: ============= We are pleased to announce the General Availability of the Astaro Command Center...
Astaro Command Center v2.x - Multiple Web Vulnerabilities
Title: ====== Astaro Command Center v2.x - Multiple Web Vulnerabilities Date: ===== 2012-04-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=4 VL-ID: ===== 4 Introduction: ============= We are pleased to announce the General Availability of the Astaro Command Center...
Astaro Command Center 2.x Cross Site Scripting
Title: ====== Astaro Command Center v2.x - Multiple Web Vulnerabilities Date: ===== 2012-04-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=4 VL-ID: ===== 4 Introduction: ============= We are pleased to announce the General Availability of the Astaro Command Center...
Astaro Command Center v2.x - Multiple Web Vulnerabilities
Document Title: =============== Astaro Command Center v2.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=4 Release Date: ============= 2012-04-02 Vulnerability Laboratory ID VL-ID: ==================================== 4...
Astaro Command Center v2.x - Multiple Web Vulnerabilities
Document Title: =============== Astaro Command Center v2.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=4 Release Date: ============= 2012-04-02 Vulnerability Laboratory ID VL-ID: ==================================== 4...
Game On: Gamma Ray Scanners To Guard 'Most Technologically Secure' Super Bowl Ever
Gamma ray scanners? Night vision cameras? bomb-proof manhole covers? G-Men? It must be Super Bowl time again, and Marion County, Indiana says that they’ve gone where no other municipality has gone before: a permanent, $18 million regional operation center yes – ROC that will manage security at th...
GateProtect CC v3.0.1 - Memory Corruption Vulnerability
Document Title: =============== GateProtect CC v3.0.1 - Memory Corruption Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=53 Release Date: ============= 2011-10-27 Vulnerability Laboratory ID VL-ID: ==================================== 53...
GateProtect CC v3.0.1 - Memory Corruption Vulnerability
Document Title: =============== GateProtect CC v3.0.1 - Memory Corruption Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=53 Release Date: ============= 2011-10-26 Vulnerability Laboratory ID VL-ID: ==================================== 53...
CVE-2008-4040
Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. dot dot in the URI...
Directory traversal
Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. dot dot in the URI...