Lucene search
K

4745 matches found

myhack58
myhack58
added 2006/08/03 12:0 a.m.17 views

Awareness of vulnerabilities haha-vulnerability warning-the black bar safety net

Text/SuperHeiAtph4nt0m.org 2006-2-12 2006-02-0 9, milw0rm released the FCKEditor one upload vulnerability1. Fig. FCKEditor is one of a plurality of language Language version of theasp,cgi,aspx,php,cfm,...of the online editing class2, many web systems use this A class. In fact, this is something o...

7.1AI score
Exploits0
myhack58
myhack58
added 2006/07/12 12:0 a.m.13 views

ACMS vulnerability-vulnerability warning-the black bar safety net

A few days ago a friend asked me to help him dosecurity testing, his Station is ACMS information distribution system. I to the official down a set of ACMS to study. ACMS front Desk is by the back-end to generate the static page, there is no injection vulnerability. The background comes with the...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2006/07/03 12:0 a.m.52 views

Current Versions Release History

Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...

7.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2006/06/06 12:0 a.m.8 views

Update Protection against Multiple SAP Business Connector Vulnerabilities

SAP Business Connector SAP BC is B2B application that enables communication between SAP applications like SAP R/3 and non-SAP applications. Several vulnerabilities have been reported in the SAP BC that can allow for Phishing scams against the SAP BC administrator, disclosure of sensitive...

6.4CVSS1.7AI score0.02732EPSS
Exploits0
securityvulns
securityvulns
added 2006/05/16 12:0 a.m.53 views

CYBSEC - Security Advisory: Arbitrary File Read/Delete in SAP BC (Business Connector)

The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityAdvisoryArbitraryFileReadorDeleteinSAPBC.pdf CYBSEC S.A. www.cybsec.com Advisory Name: Arbitrary File Read/Delete in SAP BC Business Connector Vulnerability Class: Improper Input...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/05/16 12:0 a.m.37 views

CYBSEC - Security Advisory: Phishing Vector in SAP BC (Business Connector)

The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityAdvisoryPhishingVectorinSAPBC.pdf CYBSEC S.A. www.cybsec.com Advisory Name: Phishing Vector in SAP BC Business Connector Vulnerability Class: Phishing Vector / Improper Input Validatio...

Exploits0
Tenable Nessus
Tenable Nessus
added 2006/04/05 12:0 a.m.124 views

AJP Connector Detection

The remote host is running an AJP Apache JServ Protocol connector, a service by which a standalone web server such as Apache communicates over TCP with a Java servlet container such as Tomcat. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid21186; scriptversion"1.11";...

5.5AI score
Exploits0References2
Apache Tomcat
Apache Tomcat
added 2006/03/16 12:0 a.m.30 views

Fixed in Apache Tomcat JK Connector 1.2.16

Important: Information disclosure CVE-2006-7197 The Tomcat AJP connector contained a bug that sometimes set a too long length for the chunks delivered by sendbodychunks AJP messages. Bugs of this type can cause modjk to read beyond buffer boundaries and thus reveal sensitive memory information to...

7.8CVSS9.2AI score0.08319EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/02/24 12:0 a.m.16 views

Brooky CubeCart < 3.0.7 connector.php Arbitrary File Upload

Binary data 3446.prm...

5CVSS7.3AI score0.07963EPSS
Exploits0References2
Prion
Prion
added 2006/02/16 11:2 a.m.20 views

Design/Logic Flaw

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing phishing attacks via an absolute URL in the url parameter, which loads the URL inside a frame...

4CVSS7.1AI score0.02732EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2006/02/16 11:2 a.m.18 views

CVE-2006-0731

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing phishing attacks via an absolute URL in the url parameter, which loads the URL inside a frame...

4CVSS6.6AI score0.02732EPSS
Exploits0References8
Prion
Prion
added 2006/02/16 11:2 a.m.17 views

Directory traversal

Directory traversal vulnerability in SAP Business Connector BC 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to 1 sapbc/SAP/chopSAPLog.dsp or 2 invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended...

6.4CVSS7.3AI score0.02548EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2006/02/16 11:2 a.m.10 views

CVE-2006-0732

Directory traversal vulnerability in SAP Business Connector BC 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to 1 sapbc/SAP/chopSAPLog.dsp or 2 invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended...

6.4CVSS6.7AI score0.02548EPSS
Exploits0References10
Cvelist
Cvelist
added 2006/02/16 11:0 a.m.20 views

CVE-2006-0731

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing phishing attacks via an absolute URL in the url parameter, which loads the URL inside a frame...

6.6AI score0.02732EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/02/16 11:0 a.m.15 views

CVE-2006-0732

Directory traversal vulnerability in SAP Business Connector BC 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to 1 sapbc/SAP/chopSAPLog.dsp or 2 invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended...

6.7AI score0.02548EPSS
Exploits0References10
CVE
CVE
added 2006/02/16 11:0 a.m.52 views

CVE-2006-0732

CVE-2006-0732 is a directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7. The issue allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Conditions: the product ...

6.4CVSS6.7AI score0.02548EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2006/02/16 11:0 a.m.64 views

CVE-2006-0731

SAP Business Connector Core (WmRoot/adapter-index.dsp) vulnerability (CVE-2006-0731) affects Core Fix 7 and earlier. An absolute URL in the url parameter can be loaded inside a frame, enabling remote phishing spoofing attacks. Exploitation details or in-the-wild activity are not provided in the s...

4CVSS6.6AI score0.02732EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.51 views

Multiple SAP Business Connector B2B software vulnerabilities

Directory traversal, content spoofing...

3.2AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.43 views

CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC

The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityPre-AdvisoryArbitraryFileReadorDeleteinSAPBC.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: Arbitrary File Read/Delete in SAP BC Business Connector Vulnerability Class: Improper Inp...

6.7AI score
Exploits0
exploitpack
exploitpack
added 2006/02/15 12:0 a.m.13 views

SAP Business Connector 4.64.7 - adapter-index.dsp?url Arbitrary Site Redirect

SAP Business Connector 4.64.7 - adapter-index.dsp?url Arbitrary Site Redirect source: https://www.securityfocus.com/bid/16671/info SAP Business Connector is susceptible to an input-validation vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input...

0.1AI score
Exploits0
Rows per page
Query Builder