CVE-2014-3460

Summary (CVE-2014-3460): A directory traversal vulnerability in the DumpToFile method of the NQMcsVarSet ActiveX control (Agent Manager component of NetIQ Sentinel) allows remote attackers to create arbitrary files and potentially execute code via a crafted pathname. Affected products/versions in...

CVE-2014-3460

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname...

SafeNet Sentinel Directory Traversal

!/usr/bin/python Exploit Title: SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal Date: 04/28/2014 Exploit Author: Matt Schmidt Syph0n Vendor Homepage: http://www.safenet-inc.com/ Software Link:...

SafeNet Sentinel Protection Server and Sentinel Keys Server Directory Traversal (Apr 2014) - Active Check

SafeNet Sentinel Protection Server and Sentinel Keys Server are prone to a directory traversal vulnerability because they fail to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traver

Exploit for windows platform in category web applications !/usr/bin/python Exploit Title: SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal Date: 04/28/2014 Exploit Author: Matt Schmidt Syph0n Vendor Homepage: http://www.safenet-inc.com/...

SafeNet Sentinel Protection Server 7.0 < 7.4 / Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traversal

!/usr/bin/python Exploit Title: SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal Date: 04/28/2014 Exploit Author: Matt Schmidt Syph0n Vendor Homepage: http://www.safenet-inc.com/ Software Link:...

(0Day) Novell NetIQ Sentinel Agent Manager NQMcsVarSet DumpToFile Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell NetIQ. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NQMcsVarSet...

SafeNet Sentinel Protection Server 7.0 7.4 Sentinel Keys Server 1.0.3 1.0.4 - Directory Traversal

SafeNet Sentinel Protection Server 7.0 7.4 Sentinel Keys Server 1.0.3 1.0.4 - Directory Traversal !/usr/bin/python Exploit Title: SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal Date: 04/28/2014 Exploit Author: Matt Schmidt Syph0n Vendor...

CVE-2012-6534

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...

Design/Logic Flaw

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...

CVE-2012-6534

CVE-2012-6534 affects Novell Sentinel Log Manager prior to 1.2.0.3. The vulnerability allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and enables remote authenticated Report Administrators to create data re...

CVE-2012-6534

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...

Novell Sentinel Log Manager Retention Policy Security Restriction Bypass

A policy bypass vulnerability has been reported in Novell Sentinel Log Manager. The vulnerability is due to insufficient validation of incoming requests. A remote attacker can exploit this vulnerability by sending a specially crafted request to the target. Successful exploitation would allow...

Novell Sentinel Log Manager Retention Policy Security Bypass Vulnerability

Novell Sentinel Log Manager is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Novell Sentinel Log Manager Web Detection

The web management interface for Novell Sentinel Log Manager formerly known as NetIQ Sentinel Log Manager was detected on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62967; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/22";...

Novell Sentinel Log Manager Authentication Bypass

The version of Novell Sentinel Log Manager hosted on the remote web server has an authentication bypass vulnerability. It is possible to execute GWT-RPC methods without authentication. A remote, unauthenticated attacker could exploit this to perform actions that should require administrative...

CVE-2011-5226

Cross-site request forgery CSRF vulnerability in wordpresssentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to hijack the authentication of an administrator for requests that trigger snapshots...

CVE-2011-5225

Cross-site scripting XSS vulnerability in wordpresssentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in wordpresssentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

Sql injection

SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors...