Lucene search

62 matches found

ATTACKERKB
added 2022/05/18 5:0 p.m. | 4 views

CVE-2022-22778

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute Cross-Site Request Forgery (CSRF) on the affected system. A successful attack usin...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.00393
Exploits: 0 | References: 3
Cvelist
added 2021/10/13 4:55 p.m. | 24 views

CVE-2021-35498 TIBCO EBX Insecure Login Mechanism

The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.01271
Exploits: 0 | References: 2
CNVD
added 2021/01/20 12:0 a.m. | 3 views

Unspecified Vulnerability in Oracle BI Publisher (CNVD-2021-04812)

Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. An unspecified vulnerability exists in the Web Server component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...

CVSS: 7.6 | AI score: 9.1 | EPSS: 0.00922
Exploits: 0 | References: 1
CNNVD
added 2021/01/19 12:0 a.m. | 8 views

Oracle Fusion Middleware Security Vulnerability

Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. An unspecified vulnerability exists in the Web Server component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...

CVSS: 7.6 | AI score: 7.2 | EPSS: 0.00922
Exploits: 0 | References: 3
NVD
added 2020/03/30 10:15 p.m. | 16 views

CVE-2020-10374

A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form...

CVSS: 9.8 | AI score: 9.5 | EPSS: 0.04667
Exploits: 0 | References: 3
OSV
added 2020/02/19 7:15 p.m. | 3 views

CVE-2019-17333

The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.1.fixS and below, versions 5.9.3, 5.9.4, 5.9.5...

CVSS: 5.4 | AI score: 5.7 | EPSS: 0.00678
Exploits: 0 | References: 2
CNVD
added 2019/12/06 12:0 a.m. | 3 views

TIBCO Software EBX Web Server Component Cross-Site Scripting Vulnerability

TIBCO Software EBX is a suite of enterprise data management solutions from TIBCO Software, USA. A cross-site scripting vulnerability exists in the web server component of TIBCO Software EBX, which stems from a lack of proper validation of client data in the web application and can be exploited by...

CVSS: 9.6 | AI score: 6.6 | EPSS: 0.00968
Exploits: 0 | References: 1
CNVD
added 2019/07/17 12:0 a.m. | 2 views

Oracle Fusion Middleware HTTP Server Component Access Control Error Vulnerability

Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection and other functions. HTTP Server is one of its HTTP server components. A security vulnerability exist...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.01422
Exploits: 0 | References: 1
CNVD
added 2018/04/12 12:0 a.m. | 3 views

Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability

Microsoft Windows 10, Windows Server 2016, and Windows Server Version 1709 are products of Microsoft Corporation. Microsoft Windows 10 is a cross-platform operating system for PCs and devices such as laptops, tablets, and mobile phones. Windows Server 2016 and Windows Server Version 1709 are server...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.13836
Exploits: 0 | References: 1
Cvelist
added 2018/01/24 3:0 p.m. | 15 views

CVE-2017-13696

A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...

AI score: 9.8 | EPSS: 0.79671
Exploits: 3 | References: 5
CNVD
added 2017/12/15 12:0 a.m. | 4 views

TIBCO tibbr web server component elevation of privilege vulnerability

TIBCO tibbr is a set of enterprise social platform software from TIBCO Software. The software includes features for posting news, making announcements, and sharing online. tibbr web server is one of the web server components. A security vulnerability exists in the tibbr web server component of...

CVSS: 8.1 | AI score: 7 | EPSS: 0.00859
Exploits: 0 | References: 1
OSV
added 2017/08/08 3:29 p.m. | 5 views

CVE-2017-10030

Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...

CVSS: 8.2 | AI score: 7.3 | EPSS: 0.01929
Exploits: 0 | References: 3
OSV
added 2017/08/08 3:29 p.m. | 4 views

CVE-2017-10028

Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...

CVSS: 8.2 | AI score: 7.3 | EPSS: 0.01929
Exploits: 0 | References: 3
seebug.org
added 2014/07/01 12:0 a.m. | 12 views

SurgeLDAP 1.0 d User.CGI Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8407/info SurgeLDAP is prone to cross-site scripting attacks. Remote attackers may exploit this issue by enticing a user to visit a malicious link that includes hostile HTML and script code. This code may be rendered i...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 13 views

SurgeLDAP 1.0 d Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8406/info SurgeLDAP is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing an HTTP GET request for an invalid resource. This issue exists in the web server...

AI score: 7.1
Exploits: 0
Zero Day Initiative
added 2013/07/26 12:0 a.m. | 41 views

Cogent Datahub Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent Datahub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web server component's handling of HTTP headers. By sending an overlarge HTTP heade...

CVSS: 10 | AI score: 7.8
Exploits: 0 | References: 1
NVD
added 2011/11/11 9:55 p.m. | 9 views

CVE-2011-4435

The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor in IBM DB2 Tools 2.3.0 for z/OS does not prevent directory browsing, which allows remote attackers to obtain sensitive information via HTTP requests...

CVSS: 5 | AI score: 6 | EPSS: 0.01229
Exploits: 0 | References: 3
UbuntuCve
added 2011/11/11 9:55 p.m. | 22 views

CVE-2011-4435

The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor in IBM DB2 Tools 2.3.0 for z/OS does not prevent directory browsing, which allows remote attackers to obtain sensitive information via HTTP requests...

CVSS: 5 | AI score: 5.9 | EPSS: 0.01229
Exploits: 0 | References: 1
securityvulns
added 2006/12/31 12:0 a.m. | 44 views

SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit

Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ Advisory Name: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulnerable: SoftArtisans SAFileUp(TM) 5.0.14 Standard Severity: High Type: Script...

AI score: 0.3
Exploits: 0
Exploit DB
added 2003/09/08 12:0 a.m. | 32 views

Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure

source: https://www.securityfocus.com/bid/8564/info The web server component of Kukol E.V. HTTP & FTP Server Suite is prone to a file disclosure vulnerability. Remote web users may use directory traversal sequences in requests to gain access to files outside of the server's web root directory...

AI score: 7.4
Exploits: 0