7 matches found
EUVD-2015-8448
Malware in sbrugna...
(0Day) Lepide Active Directory Self Service Backup Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Lepide Active Directory Self Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of backup functionality. The issue results fro...
The vulnerability of the Lepide Active Directory Self Service tool, which allows a malicious individual to change the passwords of arbitrary users
The vulnerability of the Lepide Active Directory Self Service tool is related to errors in the implementation of the password reset function. Exploiting this vulnerability could allow an attacker to change the passwords of arbitrary users through a specially created request...
CVE-2015-8570
The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request...
Cross site request forgery (csrf)
The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request...
CVE-2015-8570
The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request...
Lepide Active Directory Self Service Elevation of Privilege Vulnerability
Lepide Active Directory Self Service is a password self-service solution. A security vulnerability exists in the processing of the password reset feature of Lepide Active Directory Self Service. The vulnerability can be exploited by a domain user to change the password of any user within an Activ...