80 matches found
Arbitrary File Deletion Vulnerability in CLTPHP Open Source Edition
CLTPHP content management system is an efficient site-building PHP content management system , but also an open source CMS system . CLTPHP open source version of the arbitrary file deletion vulnerability, an attacker can exploit the vulnerability on the integrity of the system...
Arbitrary File Read Vulnerability in CLTPHP Open Source Edition
CLTPHP content management system is an efficient site-building PHP content management system , but also an open source CMS system . CLTPHP open source version of the existence of arbitrary file reading vulnerability , an attacker can exploit the vulnerability to read any file on the server...
CVE-2019-5915
Open redirect vulnerability in OpenAM Open Source Edition 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page...
CVE-2019-5915
OpenAM (Open Source Edition) 13.0 is affected by CVE-2019-5915, a open redirect vulnerability. A specially crafted page can cause users to be redirected to arbitrary websites, enabling phishing. Root cause is an open redirect in the OpenAM 13.0 flow. Mitigation: apply the patch released by the Op...
OpenAM (Open Source Edition) vulnerable to open redirect
Overview OpenAM Open Source Edition contains an open redirect vulnerability. Norihito Aimoto of Open Source Solution Technology Corporation reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developers. Impact When accessing a specially crafted page, the user may be redirect...
JVN#43193964: OpenAM (Open Source Edition) vulnerable to open redirect
OpenAM Open Source Edition contains an open redirect vulnerability. Impact When accessing a specially crafted page, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Apply the Patch Patch for this vulnerability has been...
Oracle GlassFish Open Source Edition Remote Monitoring Vulnerability
Oracle GlassFish is the United States Oracle Oracle company to achieve a jsp and other applications such as server software. Oracle GlassFish Open Source Edition is its open source version. Oracle GlassFish Open Source Edition 5.0 version of the demonstration function has a security vulnerability...
OpenAM Authentication Bypass Vulnerability
ForgeRock OpenAM Open Source Edition is the United States ForgeRock company's set of open source single sign-on framework SSO, which provides core identity services Core Server to achieve a transparent single sign-on in a network architecture such as centralized, distributed single sign-on. A...
OpenAM (Open Source Edition) vulnerable to authentication bypass
Overview OpenAM Open Source Edition contains an authentication bypass vulnerability. Yasushi Iwakata of Open Source Solution Technology Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A user may...
Cicada Knowledge Enterprise Portal open source version 6.5 suffers from cross-site scripting vulnerabilities
Cicada Knowledge Enterprise Portal System is an enterprise portal system designed for enterprise marketing use. Cicada Knowledge Enterprise Portal Open Source Edition 6.5 suffers from a cross-site scripting vulnerability, which can be exploited by attackers to insert malicious js code and obtain...
Oracle GlassFish Server Open Source Edition Licensing Issues Vulnerability
Oracle GlassFish Server Open Source Edition is the United States Oracle Oracle company's set of open source version of the server used to build Java EE server-side Java applications. A security vulnerability exists in Oracle GlassFish Server Open Source Edition version 3.0.1 build 22. An attacker...
Oracle GlassFish Server Open Source Edition Information Disclosure Vulnerability
Oracle GlassFish Server Open Source Edition is the United States Oracle Oracle company's set of open source version of the server used to build Java EE server-side Java applications. A local file inclusion vulnerability exists in Oracle GlassFish Server Open Source Edition version 3.0.1 build 22...
CVE-2017-1000029
Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication...
CVE-2017-1000030
Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface...
CVE-2017-1000029
Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication...
PT-2017-10738
Name of the Vulnerable Software and Affected Versions GlassFish Server Open Source Edition version 4.1 Description The issue allows for both authenticated and unauthenticated Directory Traversal, which can be exploited by issuing a specially crafted HTTP GET request. Recommendations For GlassFish...
Oracle GlassFish Server 4.1 - Directory Traversal
Oracle GlassFish Server 4.1 - Directory Traversal Trustwave SpiderLabs Security Advisory TWSL2015-016: Path Traversal in Oracle GlassFish Server Open Source Edition Published: 08/27/2015 Version: 1.0 Vendor: Oracle Corporation Project sponsored by Oracle Product: GlassFish Server Open Source...
CVE-2015-1559
Multiple cross-site request forgery CSRF vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication of administrators for requests that 1 delete modules via the deletemodule parameter, 2 deactivate...
CVE-2015-1559
CVE-2015-1559 affects Epignosis eFront Open Source Edition up to version 3.6.15.3 build 18022, where multiple CSRF vulnerabilities in administrator.php allow an attacker to hijack administrator sessions and perform actions such as deleting/modifying modules, users, themes, events, language settin...
[Santoku 0.4] Distribution dedicated to mobile forensics, malware analysis and security testing
Santoku includes a number of open source tools dedicated to helping you in every aspect of your mobile forensics, malware analysis, and security testing needs, including: Development Tools: Android SDK Manager AXMLPrinter2 Fastboot Heimdall src | howto Heimdall GUI src | howto SBF Flash Penetrati...