62 matches found
CVE-2022-22778
The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute Cross-Site Request Forgery (CSRF) on the affected system. A successful attack usin...
CVE-2021-35498 TIBCO EBX Insecure Login Mechanism
The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it...
Unspecified Vulnerability in Oracle BI Publisher (CNVD-2021-04812)
Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. An unspecified vulnerability exists in the Web Server component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...
Oracle Fusion Middleware Security Vulnerability
Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. An unspecified vulnerability exists in the Web Server component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...
CVE-2020-10374
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form...
CVE-2019-17333
The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.1.fixS and below, versions 5.9.3, 5.9.4, 5.9.5...
TIBCO Software EBX Web Server Component Cross-Site Scripting Vulnerability
TIBCO Software EBX is a suite of enterprise data management solutions from TIBCO Software, USA. A cross-site scripting vulnerability exists in the web server component of TIBCO Software EBX, which stems from a lack of proper validation of client data in the web application and can be exploited by...
Oracle Fusion Middleware HTTP Server Component Access Control Error Vulnerability
Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection and other functions. HTTP Server is one of its HTTP server components. A security vulnerability exist...
Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability
Microsoft Windows 10, Windows Server 2016, and Windows Server Version 1709 are products of Microsoft Corporation. Microsoft Windows 10 is a cross-platform operating system for PCs and devices such as laptops, tablets, and mobile phones. Windows Server 2016 and Windows Server Version 1709 are server...
CVE-2017-13696
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...
TIBCO tibbr web server component elevation of privilege vulnerability
TIBCO tibbr is a set of enterprise social platform software from TIBCO Software. The software includes features for posting news, making announcements, and sharing online. tibbr web server is one of the web server components. A security vulnerability exists in the tibbr web server component of...
CVE-2017-10030
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...
CVE-2017-10028
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...
SurgeLDAP 1.0 d User.CGI Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8407/info SurgeLDAP is prone to cross-site scripting attacks. Remote attackers may exploit this issue by enticing a user to visit a malicious link that includes hostile HTML and script code. This code may be rendered i...
SurgeLDAP 1.0 d Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8406/info SurgeLDAP is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing an HTTP GET request for an invalid resource. This issue exists in the web server...
Cogent Datahub Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent Datahub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web server component's handling of HTTP headers. By sending an overlarge HTTP heade...
CVE-2011-4435
The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor in IBM DB2 Tools 2.3.0 for z/OS does not prevent directory browsing, which allows remote attackers to obtain sensitive information via HTTP requests...
SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit
Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ Advisory Name: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulnerable: SoftArtisans SAFileUp(TM) 5.0.14 Standard Severity: High Type: Script...
Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure
source: https://www.securityfocus.com/bid/8564/info The web server component of Kukol E.V. HTTP & FTP Server Suite is prone to a file disclosure vulnerability. Remote web users may use directory traversal sequences in requests to gain access to files outside of the server's web root directory...