156 matches found
CVE-2020-9414 TIBCO Managed File Transfer reflected XSS vulerability
The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier of another user...
CVE-2020-9413 TIBCO Managed File Transfer reflected XSS vulerability
The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrar...
CVE-2020-9414
The connected CNVD entry confirms a cross-site scripting vulnerability in TIBCO Managed File Transfer Command Center and Internet Server (MFT admin service) affecting 8.2.1 and earlier. An authenticated user with specific permissions could exploit XSS to obtain another user’s session identifier, ...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9414
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9414 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9414
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9414 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9413
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9413 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
TIBCO Security Advisory: June 30, 2020 - TIBCO Managed File Transfer -2020-9413
TIBCO Managed File Transfer reflected XSS vulerability Original release date: June30, 2020 Last revised: CVE-2020-9413 Source: TIBCO Software Inc. TIBCO Managed File Transfer reflected XSS vulerability Original release date: June 30, 2020 Last revised: --- Source: TIBCO Software Inc. Systems...
CVE-2020-9412
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows execution of arbitrary commands at the privilege level of the affected system following a failed file transfer. Affected releases are TIBCO...
CVE-2020-9411
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows an attacker to perform unauthorized network file transfers to and from the file system accessible to the affected component. This...
Design/Logic Flaw
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows execution of arbitrary commands at the privilege level of the affected system following a failed file transfer. Affected releases are TIBCO...
Design/Logic Flaw
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows an attacker to perform unauthorized network file transfers to and from the file system accessible to the affected component. This...
CVE-2020-9412
The vulnerability affects TIBCO Managed File Transfer Platform Server for IBM i (file transfer component). Affects versions 7.1.0 and below, and 8.0.0. Root cause and impact: arbitrary command execution at the privilege level of the affected system after a failed file transfer, with network-based...
CVE-2020-9412 TIBCO Managed File Transfer Platform Server for IBM i Arbitrary Command Execution
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows execution of arbitrary commands at the privilege level of the affected system following a failed file transfer. Affected releases are TIBCO...
CVE-2020-9411 TIBCO Managed File Transfer Platform Server for IBM i Authentication Bypass
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows an attacker to perform unauthorized network file transfers to and from the file system accessible to the affected component. This...
SolarWinds Serv-U Managed File Transfer Web client Cross-Site Request Forgery Vulnerability
SolarWinds Serv-U Managed File Transfer Web client MFT is a file transfer client application from the American company SolarWinds. A cross-site request forgery vulnerability exists in the file upload feature of the SolarWinds Serv-U MFT Web client prior to version 15.1.6 Hotfix 2. An attacker can...
CVE-2019-12769
SolarWinds Serv-U Managed File Transfer MFT Web client before 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File parameters...
CVE-2019-2538
Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware subcomponent: MFT Runtime Server. Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2019-2538
Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware subcomponent: MFT Runtime Server. Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
Design/Logic Flaw
Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware subcomponent: MFT Runtime Server. Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2019-2538
CVE-2019-2538 is a vulnerability in the Oracle Managed File Transfer (MFT Runtime Server) component of Oracle Fusion Middleware . Affected versions are 19.1.0.0.0 and 12.2.1.3.0 . The issue allows a low-privileged attacker who can access the service over the network via HTTP to compromise MFT, po...