Lucene search
K

137 matches found

CNNVD
CNNVD
added 2021/10/29 12:0 a.m.7 views

NEC Corporation CLUSTERPRO 缓冲区错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...

9.8CVSS9.2AI score0.02131EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.11 views

NEC Corporation CLUSTERPRO缓冲区错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...

9.8CVSS9.2AI score0.02073EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.6 views

NEC Corporation CLUSTERPRO 输入验证错误漏洞

NEC Corporation CLUSTERPRO is an HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which originates due to insufficient validation of user-supplied input by the software in the transaction...

7.5CVSS8AI score0.00954EPSS
Exploits0References3
CNVD
CNVD
added 2018/05/28 12:0 a.m.1 views

SAP Internet Transaction Server Cross-Site Scripting Vulnerability

SAP Internet Transaction Server ITS is an Internet-based transaction service program. A cross-site scripting vulnerability exists in SAP ITS version 6200.X.X. A remote attacker can inject arbitrary Web script or HTML with the help of wgate URIs. A remote attacker can exploit this vulnerability to...

6.1CVSS5.9AI score0.08305EPSS
Exploits4References1
Exploit DB
Exploit DB
added 2018/05/25 12:0 a.m.42 views

SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site Scripting

Exploit Title: SAP Internet Transaction Server ITS 6200.X.X - Session Fixation/ Cross-Site Scripting Dork: /scripts/wgate/ Date: 25.05.2018 Exploit Author: J. Carrillo Lencina 0xd0m7 Vendor Homepage: https://www.sap.com Version: SAP ITS 6200.X.X Category: Webapps Tested on: All Platforms CVE:...

6.1CVSS6.3AI score0.08305EPSS
Exploits4
exploitpack
exploitpack
added 2018/05/25 12:0 a.m.21 views

SAP Internet Transaction Server 6200.x - Session Fixation Cross-Site Scripting

SAP Internet Transaction Server 6200.x - Session Fixation Cross-Site Scripting Exploit Title: SAP Internet Transaction Server ITS 6200.X.X - Session Fixation/ Cross-Site Scripting Dork: /scripts/wgate/ Date: 25.05.2018 Exploit Author: J. Carrillo Lencina 0xd0m7 Vendor Homepage: https://www.sap.co...

4.3CVSS6.1AI score0.08305EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/05/25 12:0 a.m.41 views

SAP Internet Transaction Server 6200.x Session Fixation / Cross Site Scripting

Exploit Title: SAP Internet Transaction Server ITS 6200.X.X - Session Fixation/ Cross-Site Scripting Dork: /scripts/wgate/ Date: 25.05.2018 Exploit Author: J. Carrillo Lencina 0xd0m7 Vendor Homepage: https://www.sap.com Version: SAP ITS 6200.X.X Category: Webapps Tested on: All Platforms CVE:...

6.4AI score0.08305EPSS
Exploits4
NVD
NVD
added 2018/05/24 7:29 p.m.32 views

CVE-2018-11415

SAP Internet Transaction Server ITS 6200.X.X has Reflected Cross Site Scripting XSS via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product...

6.1CVSS6.1AI score0.08305EPSS
Exploits4References3
Cvelist
Cvelist
added 2018/05/24 7:0 p.m.35 views

CVE-2018-11415

SAP Internet Transaction Server ITS 6200.X.X has Reflected Cross Site Scripting XSS via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product...

6.1AI score0.08305EPSS
Exploits4References3
OSV
OSV
added 2017/12/12 2:29 p.m.3 views

CVE-2017-16682

SAP NetWeaver Internet Transaction Server ITS, SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application...

7.2CVSS5.8AI score0.0159EPSS
Exploits0References3
CNVD
CNVD
added 2017/11/15 12:0 a.m.2 views

SAP NetWeaver Internet Transaction Server Command Injection Vulnerability

SAP NetWeaver is a service-oriented, integrated application platform from SAP, of which the Internet Transaction Server ITS is a server for applications to communicate with the Internet. A command injection vulnerability exists in ITS in SAP NetWeaver. An attacker could exploit this vulnerability...

7.2CVSS7.4AI score0.0159EPSS
Exploits0References1
Nmap
Nmap
added 2017/03/01 8:41 p.m.307 views

cics-info NSE Script

Using the CICS transaction CEMT, this script attempts to gather information about the current CICS transaction server region. It gathers OS information, Datasets files, transactions and user ids. Based on CICSpwn script by Ayoub ELAASSAL. Script Arguments cics-info.trans Instead of gathering all...

10CVSS0.99448EPSS
Exploits33
Check Point Advisories
Check Point Advisories
added 2015/03/26 12:0 a.m.2 views

SAP Internet Transaction Server Information Disclosure - Ver2 (CVE-2003-0747)

An information disclosure vulnerability has been reported in Sap Internet Transaction Server. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

5CVSS5.6AI score0.02839EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal file disclosure vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8516/info SAP is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of sensitive files. The problem occurs due to the application failing to parse user-supplied...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

SAP Internet Transaction Server 6.10/6.20 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20244/info SAP Internet Transaction Server ITS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String Javascript Splicing XSS

No description provided by source. source: http://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8515/info A vulnerability has been discovered in SAP Internet Transaction Server SITSthat could allow an attacker to obtain sensitive information. The problem occurs due to SITS disclosing sensitive local filesystem...

7.1AI score
Exploits0
NVD
NVD
added 2014/06/10 11:19 a.m.15 views

CVE-2014-3042

IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does not properly implement CEMT transactions, which allows remote authenticated users to cause a denial of service storage overlay by using a 3270 emulator to send an invalid 3270 data stream...

4CVSS6.1AI score0.01418EPSS
Exploits0References7
Rows per page
Query Builder