25 matches found
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
EUVD-2021-28569
Malicious code in bioql PyPI...
EUVD-2021-28568
Malicious code in bioql PyPI...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41550
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...
Directory traversal
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41550
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...
CVE-2021-41551
CVE-2021-41551 affects Leostream Connection Broker 9.0.40.17. Administrators can perform a directory traversal by uploading a ZIP file that contains a symbolic link, enabling access to files outside the intended directory. This is supported by Red Hat and NVD entries in the provided documents. Th...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
Leostream Connection Broker 代码问题漏洞
Leostream Connection Broker is a vendor-neutral connection broker from Leostream USA that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols commonly found in enterprise environments. A security vulnerability exists in Leostrea...
Leostream Connection Broker 后置链接漏洞
Leostream Connection Broker is a vendor-neutral connection broker from Leostream, Inc. that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols commonly found in enterprise environments. A backlink vulnerability exists in...
CVE-2021-38157
LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Cross site scripting
UNSUPPORTED WHEN ASSIGNED LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-38157
LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-38157
The CVE-2021-38157 entry concerns LeoStream Connection Broker 9.x prior to 9.0.34.3, which is vulnerable to unauthenticated reflected XSS via the /index.pl endpoint using the user parameter. The root cause is improper handling/validation of user-supplied input on that endpoint, enabling an attack...
CVE-2021-38157
LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
PT-2021-21974 · Unknown · Leostream Connection Broker
Name of the Vulnerable Software and Affected Versions: LeoStream Connection Broker versions 9.x before 9.0.34.3 Description: The issue allows Unauthenticated Reflected XSS via the "/index.pl" API endpoint, specifically through the user parameter. This affects products that are no longer supported...
Leostream Connection Broker 跨站脚本漏洞
Leostream Connection Broker is a vendor-neutral connection broker from Leostream, Inc. that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols that are common in enterprise environments. A cross-site scripting vulnerability...