EUVD-2021-12547

Malware in sbrugna...

EUVD-2021-12548

Malware in sbrugna...

CVE-2021-25656

Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

CVE-2021-25655

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

CVE-2023-7031

Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, prior to 8.1.2 patch 0402. Versions prior to 8.0 are end ...

CVE-2023-7031

CVE-2023-7031 : Insecure Direct Object Reference in Avaya Aura Experience Portal Manager allows partial information disclosure to an authenticated non-privileged user. Affected: Avaya Aura Experience Portal Manager versions 8.0.x and 8.1.x prior to 8.1.2 patch 0402; versions prior to 8.0 are end ...

Avaya Aura Experience Portal Information Disclosure Vulnerability

Avaya Aura Experience Portal is the next-generation Avaya Voice Portal from Avaya, Inc. providing organizations with a single point of orchestration for all automated voice and multimedia applications and services.Experience Portal supports SIP, IP, TDM or hybrid environments. It includes powerfu...

CVE-2021-25655

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

CVE-2021-25656

Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

CVE-2021-25655

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

Sql injection

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

CVE-2021-25656

CVE-2021-25656 refers to stored XSS vulnerabilities in the Avaya Aura Experience Portal Web management interface. The issue is exploitable by an authenticated user and could disclose sensitive information. Affected versions are 7.0–7.2.3 (without hotfix) and 8.0.0 (without hotfix). The available ...

CVE-2021-25655 URL redirection to untrusted site possible in Avaya Aura Experience Portal

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

CVE-2021-25655

CVE-2021-25655 affects Avaya Aura Experience Portal, specifically the System Service Menu component, enabling URL redirection to untrusted sites via a crafted input. Affected versions: 7.0–7.2.3 (without hotfix) and 8.0.0 (without hotfix). The connected documents describe an input-validation/redi...

Avaya Aura Experience Portal 输入验证错误漏洞

Avaya Aura Experience Portal is the next generation of Avaya Voice Portal from Avaya, Inc. providing organizations with a single point of orchestration for all automated voice and multimedia applications and services. experience Portal supports SIP, IP, TDM or hybrid environments. It includes...

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability

Description Oracle Java SE is prone to a memory-corruption vulnerability in Java Runtime Environment. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions...

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability

Description Oracle Java SE is prone to a buffer-overflow vulnerability in Java Runtime Environment. An attacker can exploit this issue to execute arbitrary code in the context of the current user. This vulnerability affects the following supported versions: 7 Update 21 , 6 Update 45 , 5.0 Update ...

Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. This vulnerability affects the following supported versions: JDK and JRE 7 Update 15 and prior JDK and JRE 6 Update 41 and...