286 matches found
CVE-2013-1410
Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities...
Sensitive Information Leakage
Jenkins perforce plugin is vulnerable to sensitive information leakage. It does not properly secure the credentials because PerforcePasswordEncryptor.java. uses DES and an encryption key stored in its public source code, allowing unauthorized users to get the Perforce passwords configured in jobs...
CVE-2018-1000147
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...
Information disclosure
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...
Design/Logic Flaw
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...
CVE-2018-1000145
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...
CVE-2018-1000145
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...
CVE-2018-1000147
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...
CVE-2018-1000145
CVE-2018-1000145 affects the Jenkins Perforce Plugin up to version 1.3.36 and older. The issue is in PerforcePasswordEncryptor.java, where an attacker with local file system access can obtain encrypted Perforce passwords and decrypt them. The connected documents corroborate that this is a sensiti...
CVE-2018-1000145
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...
CVE-2018-1000147
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...
CVE-2018-1000147
Jenkins Perforce Plugin vulnerability CVE-2018-1000147 affects versions 1.3.36 and earlier, where PerforcePasswordEncryptor.java leaks Perforce passwords configured in jobs to attackers with insufficient permissions. Exploitation details, affected versions, and impact are described in multiple so...
Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28108/info Perforce Server is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to crash the affected application or cause excessive memory to be consumed, denying service to...
Perforce P4web 2011 / 2012 Web Client Cross Site Scripting
Exploit Title: Perforce P4web 2011/2012 Web Client XSS Vulnerability Date: 21 Jan 2013 Researcher: Christy Philip Mathew Email: [email protected] Vendor or Software Link: http://filehost.perforce.com/perforce/r11.1/bin.ntx86/p4webinst.exe...
Perforce P4web 2011/2012 Web Client XSS Vulnerability
Exploit for php platform in category web applications Exploit Title: Perforce P4web 2011/2012 Web Client XSS Vulnerability Date: 21 Jan 2013 Researcher: Christy Philip Mathew Email: email protected Vendor or Software Link: http://filehost.perforce.com/perforce/r11.1/bin.ntx86/p4webinst.exe...
Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities
Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/57514/info Perforce P4Web is prone to multiple cross site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issue...
Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/57514/info Perforce P4Web is prone to multiple cross site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Perforce Multiple Vulnerabilities
Perforce Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Perforce Socket Hijacking Vulnerability
Perforce is prone to a vulnerability that allows attackers to hijack sockets. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Perforce 2009.2 Multiple Vulnerabilities
Perforce Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...