259 matches found
CVE-2019-11559
A reflected Cross-site scripting XSS vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component...
Cross site scripting
A reflected Cross-site scripting XSS vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component...
CVE-2019-11559
A reflected Cross-site scripting XSS vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component...
PT-2019-12379 · Hrworks · Hrworks
Name of the Vulnerable Software and Affected Versions: HRworks version 1.16.1 Description: A reflected Cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component. This can be achieved by manipulating the URL to includ...
Design/Logic Flaw
A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit...
CVE-2019-11881
A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to...
CVE-2019-11881
Summary: CVE-2019-11881 affects Rancher server versions prior to 2.2.4, in the login component. The vulnerability arises from tampering with the “errorMsg” parameter, which can display arbitrary content after filtering tags but not special characters, enabling attackers to lure users to phishing ...
PT-2019-12541 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.2.4 Rancher version 2.1.4 Description: A vulnerability exists in the login component of Rancher, where the errorMsg parameter can be tampered to display arbitrary content. Although tags are filtered, special...
CVE-2018-2613
Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications subcomponent: Login. Supported versions that are affected are 7.x, 8.0.x and 8.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Argus...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-02401)
Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on a variety of management software collection, is a seamless integration of a management suite. An...
Unspecified Vulnerability in Oracle Argus Safety
Oracle Argus Safety is a complete pharmacovigilance software system designed to address the pharmaceutical industry's toughest regulatory challenges. An unspecified vulnerability exists in the Login component of Oracle Argus Safety. An attacker could exploit the vulnerability to compromise...
CVE-2016-0699
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component...
Oracle iLearning has an unspecified vulnerability (CNVD-2015-00579)
Oracle iLearning is an enterprise-class learning management system Learning Management System, LMS, and is one of the core components of Oracle's E-Business Suite. A security vulnerability exists in the Oracle iLearning login component that could be exploited by remote attackers to compromise...
ASP.NET vulnerable to open redirect
Overview ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerabl...
JVN#71256611: ASP.NET vulnerable to open redirect
ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerable. Impact The user who accesses the web application that implements ASP.NET may be redirected to an arbitrary website. ...
Quest Defender Desktop Login Component Unspecified Vulnerability
The version of Quest Defender Desktop Login Component installed on the remote Windows host is prior to 5.7.0.4278. It is, therefore, potentially affected by an unspecified security vulnerability according to Quest knowledge base article SOL104608. C Tenable Network Security, Inc...
CVE-2011-2682
The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote authenticated users to cause a denial of service license consumption by trying to login to DOORS Web Access with a new user account that has never been used for a DOORS login...
CVE-2007-4592
Multiple cross-site scripting XSS vulnerabilities in the web interface for IBM Rational ClearQuest before 2003.06.16 Patch 2008A, 7.0.0.2iFix01, and 7.0.1.1iFix01 allow remote attackers to inject arbitrary web script or HTML via the 1 contextid, 2 username, 3 userNameVal, and 4 schema parameters ...
PT-2007-1215 · Portix · Portix-Php
Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the username and passwd fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes...