28 matches found
EUVD-2020-19671
Malware in sbrugna...
EUVD-2021-30000
Malicious code in bioql PyPI...
EUVD-2021-29999
Malicious code in bioql PyPI...
EUVD-2021-30001
Malicious code in bioql PyPI...
CVE-2021-43048
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using this vulnerability...
CVE-2021-43046
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain session tokens for the affected system. A successful attack using this vulnerability...
CVE-2021-43046
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain session tokens for the affected system. A successful attack using this vulnerability...
CVE-2021-43047
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain easily exploitable Stored and Reflected Cross Site Scripting XSS vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts...
CVE-2021-43047
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain easily exploitable Stored and Reflected Cross Site Scripting XSS vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts...
Code injection
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain session tokens for the affected system. A successful attack using this vulnerability...
Cross site scripting
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain easily exploitable Stored and Reflected Cross Site Scripting XSS vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts...
Code injection
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using this vulnerability...
CVE-2021-43048 TIBCO PartnerExpress Click-Jacking vulnerability
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using this vulnerability...
CVE-2021-43048
The CVE-2021-43048 vulnerability affects TIBCO PartnerExpress Interior Server and Gateway Server components, specifically versions 6.2.1 and earlier. The issue is a click-jacking vulnerability that can be exploited by an unauthenticated attacker with network access and requires no user interactio...
CVE-2021-43047
CVE-2021-43047 - TIBCO PartnerExpress Cross-Site Scripting (XSS) affects TIBCO PartnerExpress 6.2.1 and earlier, specifically the Interior Server and Gateway Server components. The issue comprises stored and reflected XSS that enables a low-privilege attacker to social engineer a legitimate user ...
CVE-2021-43047 TIBCO PartnerExpress Cross Site Scripting vulnerabilities
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain easily exploitable Stored and Reflected Cross Site Scripting XSS vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts...
TIBCO Partnerexpress 安全漏洞
TIBCO Partnerexpress is a Php-based platform that generates barcodes by product name from TIBCO USA. A security vulnerability exists in the internal server and gateway server components of TIBCO PartnerExpress, versions 6.2.1 and below, which can be exploited by an attacker to perform a...
TIBCO Partnerexpress 加密问题漏洞
TIBCO Partnerexpress is a Php-based platform that generates barcodes by product name from TIBCO USA. A cryptographic issue exists in Tibco PartnerExpress where the product does not encrypt session tokens during interactions. An attacker could obtain the token to simulate an interaction. The...
TIBCO Partnerexpress 跨站脚本漏洞
TIBCO Partnerexpress is a Php-based platform for generating barcodes from product names from TIBCO Corporation. A cross-site scripting vulnerability exists in Tibco PartnerExpress, which originates from the product not validating user input data. The vulnerability can be exploited to execute...
TIBCO Security Advisory: November 16, 2021 - TIBCO PartnerExpress -2021-43048
TIBCO PartnerExpress Click-Jacking vulnerability Original release date: November 16, 2021 Lastrevised: CVE-2021-43048 Source: TIBCO SoftwareInc. Products Affected TIBCO PartnerExpress versions 6.2.1 and below The following components are affected: Interior Server Gateway Server Description The...