38 matches found
CVE-2026-28808
CVE-2026-28808 is an incorrect authorization vulnerability in Erlang OTP (inets modules). The root cause is a script_alias path mismatch where mod_auth checks DocumentRoot-relative paths while mod_cgi executes ScriptAlias-resolved paths, allowing unauthenticated access to CGI scripts protected by...
CVE-2022-22774
The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet Server, and TIBCO Managed File Transfer Internet Server contains an easily exploitable vulnerabili...
多款TIBCO Software产品代码问题漏洞
TIBCO Software Managed File Transfer Command Center and TIBCO Software Managed File Transfer Internet Server are both products of TIBCO Software, Inc.TIBCO Software Managed File Transfer Command Center is an enterprise file transfer management solution. TIBCO Software Managed File Transfer Comman...
TIBCO Security Advisory: May 10, 2022 - TIBCO Managed File TransferCommand Center -CVE-2022-22774
TIBCO Managed File Transfer Command Center XXE Vulnerability Original release date: May 10, 2022 Lastrevised: --- CVE-2022-22774 Source: TIBCOSoftware Inc. Products Affected TIBCO Managed File Transfer Command Center versions 8.3.1 and below TIBCO Managed File Transfer Command Center versions 8.4...
SAP Web Dispatcher HTTP Request Smuggling
Onapsis Security Advisory 2022-0001: HTTP Request Smuggling in SAP Web Dispatcher Impact on Business By injecting an HTTP request as a prefix into a victim's request, a malicious user is able to cause damage in different ways, such as producing a Denial of Service by setting an invalid request as...
TIBCO Software Managed File Transfer Command Center and Internet Server Cross-Site Scripting Vulnerability
TIBCO Software Managed File Transfer Command Center and TIBCO Software Managed File Transfer Internet Server are both products of TIBCO Software, Inc.TIBCO Software Managed File Transfer Command Center is an enterprise file transfer management solution. TIBCO Software Managed File Transfer Comman...
CVE-2020-9414
The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier of another user...
CVE-2020-9413
The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrar...
Design/Logic Flaw
The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrar...
Design/Logic Flaw
The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier of another user...
CVE-2020-9413 TIBCO Managed File Transfer reflected XSS vulerability
The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrar...
CVE-2020-9414
The connected CNVD entry confirms a cross-site scripting vulnerability in TIBCO Managed File Transfer Command Center and Internet Server (MFT admin service) affecting 8.2.1 and earlier. An authenticated user with specific permissions could exploit XSS to obtain another user’s session identifier, ...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9414
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9414 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9414
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9414 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9413
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9413 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
CVE-2018-18810
CVE-2018-18810 affects TIBCO Managed File Transfer Command Center (Administrator Service) and TIBCO Managed File Transfer Internet Server. An authenticated user with specific privileges can access credentials maintained by or for other systems, enabling credential disclosure. Affected releases in...
CVE-2018-18810 TIBCO Managed File Transfer Credentials Disclosure
The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases...
Input validation
The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases...
CVE-2018-18810
The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases...
CVE-2018-18810
The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases...