Alohi: Waitlist bypass for accessing SIGN.PLUS Beta
During the SIGN.PLUS beta phase, it was found that hackers could trick the API response and pretend to have been accepted into the beta program. All server operations would be blocked, but the UI client would be accessible, exposing the work-in-progress design to non-beta users. There was no...
CVE-2020-5335
RSA Archer, versions prior to 6.7 P2 6.7.0.2, contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to send arbitrary requests to the vulnerable application to perform server...
Cross-site request forgery (CSRF)
RSA Archer, versions prior to 6.7 P2 6.7.0.2, contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to send arbitrary requests to the vulnerable application to perform server...
A vulnerability in the MySQL database management system allows attackers to compromise the integrity and availability of information.
The vulnerability in the MySQL database management system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to affect the integrity and availability of information by interfering with the DML operations on the server...
A vulnerability in the Oracle Siebel CRM customer relationship management system allows attackers to compromise the confidentiality of information.
The vulnerability in the Siebel Core - Server OM Svcs component of the Oracle Siebel CRM customer relationship management system is related to code errors. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of sensitive information...
A vulnerability in the Oracle Siebel CRM customer relationship management system allows attackers to compromise the confidentiality of customer information.
The vulnerability in the Siebel Core - Server OM Svcs component of the Oracle Siebel CRM customer relationship management system is related to code errors. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of sensitive information...
CVE-2015-0387
Unspecified vulnerability in the Siebel Core - Server OM Services component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via vectors related to Security - LDAP Security Adapter...
Vanilla Forum p Parameter Local File Inclusion
The remote web server hosts Vanilla Forums, an open source forum software written in PHP. The installed version of Vanilla Forums uses a '/' character in the 'AnalyzeRequest' method in 'library/core/class.dispatcher.php' to separate input passed via the 'p' parameter of the 'index.php' script int...
netbeware.txt
Novell Netware 6.5 Remote Manager HTML Injection Exploit Username: Password: Example -- Username: "var ex=new ActiveXObject"WScript.Shell";ex.run'cmd.exe /C ver';...
Xato Advisory: FrontPage DOS Device DoS
Xato Network Security, Inc. www.xato.net Security Advisory XATO-082000-01 August 17, 2000 FRONTPAGE SERVER EXTENSIONS SHTML.EXE DENIAL OF SERVICE --DOS Device DoS--...