5 matches found
EUVD-2020-3892
Malware in sbrugna...
Tecknodreams SapphireIMS Insecure Direct Object Reference Vulnerability
Tecknodreams SapphireIMS is an ITIL 2011 certified enterprise class service management system from Tecknodreams India. A security vulnerability exists in Tecknodreams SapphireIMS 40971. The vulnerability stems from an insecure direct object reference in the local user creation function. An attack...
CVE-2017-16630
In SapphireIMS 40971, a guest user can create a local administrator account on any system that has SapphireIMS installed, because of an Insecure Direct Object Reference IDOR in the local user creation function...
CVE-2020-11541
In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity XXE injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account...
Cisco Wireless LAN Controller Software GUI Elevation of Privilege Vulnerability
Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. The Cisco Wireless LAN Controller Software GUI elevation of privilege vulnerability is caused by incorrect...