137 matches found
NEC Corporation CLUSTERPRO 缓冲区错误漏洞
NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...
NEC Corporation CLUSTERPRO缓冲区错误漏洞
NEC Corporation CLUSTERPRO is an HA clustering software from NEC. A buffer error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0 that originates from a boundary error in the software transaction server. A remote attacker could exploit the...
NEC Corporation CLUSTERPRO 输入验证错误漏洞
NEC Corporation CLUSTERPRO is an HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which originates due to insufficient validation of user-supplied input by the software in the transaction...
SAP Internet Transaction Server Cross-Site Scripting Vulnerability
SAP Internet Transaction Server ITS is an Internet-based transaction service program. A cross-site scripting vulnerability exists in SAP ITS version 6200.X.X. A remote attacker can inject arbitrary Web script or HTML with the help of wgate URIs. A remote attacker can exploit this vulnerability to...
SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site Scripting
Exploit Title: SAP Internet Transaction Server ITS 6200.X.X - Session Fixation/ Cross-Site Scripting Dork: /scripts/wgate/ Date: 25.05.2018 Exploit Author: J. Carrillo Lencina 0xd0m7 Vendor Homepage: https://www.sap.com Version: SAP ITS 6200.X.X Category: Webapps Tested on: All Platforms CVE:...
SAP Internet Transaction Server 6200.x - Session Fixation Cross-Site Scripting
SAP Internet Transaction Server 6200.x - Session Fixation Cross-Site Scripting Exploit Title: SAP Internet Transaction Server ITS 6200.X.X - Session Fixation/ Cross-Site Scripting Dork: /scripts/wgate/ Date: 25.05.2018 Exploit Author: J. Carrillo Lencina 0xd0m7 Vendor Homepage: https://www.sap.co...
SAP Internet Transaction Server 6200.x Session Fixation / Cross Site Scripting
Exploit Title: SAP Internet Transaction Server ITS 6200.X.X - Session Fixation/ Cross-Site Scripting Dork: /scripts/wgate/ Date: 25.05.2018 Exploit Author: J. Carrillo Lencina 0xd0m7 Vendor Homepage: https://www.sap.com Version: SAP ITS 6200.X.X Category: Webapps Tested on: All Platforms CVE:...
CVE-2018-11415
SAP Internet Transaction Server ITS 6200.X.X has Reflected Cross Site Scripting XSS via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product...
CVE-2018-11415
SAP Internet Transaction Server ITS 6200.X.X has Reflected Cross Site Scripting XSS via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product...
CVE-2017-16682
SAP NetWeaver Internet Transaction Server ITS, SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application...
SAP NetWeaver Internet Transaction Server Command Injection Vulnerability
SAP NetWeaver is a service-oriented, integrated application platform from SAP, of which the Internet Transaction Server ITS is a server for applications to communicate with the Internet. A command injection vulnerability exists in ITS in SAP NetWeaver. An attacker could exploit this vulnerability...
cics-info NSE Script
Using the CICS transaction CEMT, this script attempts to gather information about the current CICS transaction server region. It gathers OS information, Datasets files, transactions and user ids. Based on CICSpwn script by Ayoub ELAASSAL. Script Arguments cics-info.trans Instead of gathering all...
SAP Internet Transaction Server Information Disclosure - Ver2 (CVE-2003-0747)
An information disclosure vulnerability has been reported in Sap Internet Transaction Server. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...
sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal file disclosure vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8516/info SAP is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of sensitive files. The problem occurs due to the application failing to parse user-supplied...
SAP Internet Transaction Server 6.10/6.20 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20244/info SAP Internet Transaction Server ITS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal...
SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String Javascript Splicing XSS
No description provided by source. source: http://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the...
SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8515/info A vulnerability has been discovered in SAP Internet Transaction Server SITSthat could allow an attacker to obtain sensitive information. The problem occurs due to SITS disclosing sensitive local filesystem...
CVE-2014-3042
IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does not properly implement CEMT transactions, which allows remote authenticated users to cause a denial of service storage overlay by using a 3270 emulator to send an invalid 3270 data stream...