150 matches found
HTB22910: XSRF (CSRF) in Feng Office
Vulnerability ID: HTB22910 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfengoffice.html Product: Feng Office Vendor: Secure Data SRL http://www.fengoffice.com/ Vulnerable Version: 1.7.3.3 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: CSRF Cross-Site...
Microsoft Windows Vista/2003/XP/2000 file management security issues
Title: Microsoft Windows Vista/2003/XP/2000 file management security issues Author: 3APA3A, http://securityvulns.com/ Vendor: Microsoft and potentially another vendors Products: Microsoft Windows Vista/2003/XP/2000, Microsoft resource kit for Windows 2000 and different utilities. Access Vector:...
CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation
CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a...
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure
source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These vulnerabilities occur because the software...
CA eSCC r81.0 eTrust Audit r81.5 - Audit Event System Replay Attack
CA eSCC r81.0 eTrust Audit r81.5 - Audit Event System Replay Attack source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue -...
Hydra: FTP
This plugin runs Hydra to find FTP accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
CVE-2003-0030
Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature SEF before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures 1 xpptycheckusers, 2 xpptyinsert, or 3 xpptyselect...
CVE-2003-0030
Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature SEF before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures 1 xpptycheckusers, 2 xpptyinsert, or 3 xpptyselect...
Обход защиты паролем в eserv (protection bypass)
Можно обратиться к защищенным данным добавив '.' в путь: http://host/./passwordprotected/...
Дырка в Cisco/Arrowpoint CSS (FTP access)
По протоколу FTP непривилегированный пользовать может получить доступ к защищенным данным...