Security Bulletin: Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerablity (CVE-2013-4286, CVE-2013-4322, CVE-2013-4590)

Summary Apache Tomcat is vulnerable affecting the Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...

CVE-2018-12498

spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do=batch request to admincp.php...

Microsoft Windows: Prevent enabling lock screen camera

This test checks the setting for policy OpenVAS Vulnerability Test $Id: wincplockscreencamera.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Prevent enabling lock screen camera Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This progra...

Microsoft Windows: Service: Problem Reports and Solutions Control Panel Support

The service SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109268";...

CVE-2018-11430

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea...

Easy Hosting Control Panel Cross-Site Scripting Vulnerability (CNVD-2018-12711)

Easy Hosting Control Panel EHCP is an open source hosting control panel that is used to manage domains, emails, ftp users and more. A cross-site scripting vulnerability exists in EHCP version 0.37.12.b. The vulnerability stems from the program failing to properly validate user input. A remote...

Easy Hosting Control Panel Database Password Cracking Vulnerability

Easy Hosting Control Panel EHCP is an open source hosting control panel that is used to manage domains, emails, ftp users and more. A security vulnerability exists in EHCP version 0.37.12.b. The vulnerability stems from the program's use of a weak hashing algorithm and the absence of salt, which...

Easy Hosting Control Panel Password Change Vulnerability

Easy Hosting Control Panel EHCP is an open source hosting control panel that is used to manage domains, emails, ftp users and more. A security vulnerability exists in EHCP version 0.37.12.b. The vulnerability stems from the program failing to request the current password when a new password is se...

Easy Hosting Control Panel Cross-Site Scripting Vulnerability

Easy Hosting Control Panel EHCP is an open source hosting control panel that is used to manage domains, emails, ftp users and more. A cross-site scripting vulnerability exists in EHCP version 0.37.12.b. The vulnerability stems from the program failing to properly validate user input. A remote...

Easy Hosting Control Panel Cross-Site Request Forgery Vulnerability

Easy Hosting Control Panel EHCP is an open source hosting control panel that is used to manage domains, emails, ftp users and more. A cross-site request forgery vulnerability exists in EHCP version 0.37.12.b. The vulnerability stems from the program failing to properly filter user-submitted data....

CVE-2018-6619

Easy Hosting Control Panel EHCP v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt...

CVE-2018-6618

Easy Hosting Control Panel EHCP v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage...

CVE-2018-6361

Easy Hosting Control Panel EHCP v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account...

Cross site request forgery (csrf)

Easy Hosting Control Panel EHCP v0.37.12.b allows remote attackers to conduct cross-site request forgery CSRF attacks by leveraging lack of CSRF protection...

CVE-2018-6362

Easy Hosting Control Panel EHCP v0.37.12.b has XSS via the domainop action parameter, as demonstrated by reading the PHPSESSID cookie...

CVE-2018-6361

Easy Hosting Control Panel EHCP v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account...

CVE-2018-6617

Easy Hosting Control Panel EHCP v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password...

CVE-2018-6458

Easy Hosting Control Panel EHCP v0.37.12.b allows remote attackers to conduct cross-site request forgery CSRF attacks by leveraging lack of CSRF protection...

CVE-2018-6458

Easy Hosting Control Panel EHCP v0.37.12.b allows remote attackers to conduct cross-site request forgery CSRF attacks by leveraging lack of CSRF protection...

Design/Logic Flaw

Easy Hosting Control Panel EHCP v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage...