CVE-2012-5763

Cross-site request forgery CSRF vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

Sql injection

SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

Authentication flaw

The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process...

Cross site scripting

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...

Cross site scripting

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors...

CVE-2012-5762

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...

CVE-2012-5941

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors...

CVE-2012-5763

Cross-site request forgery CSRF vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2012-5940

IBM Netezza WebAdmin 6.0.5, 6.0.8, and 7.0 (pre-P2) are affected by CVE-2012-5940: when SSL is not enabled, login requests can be intercepted and credentials exposed during authentication. The IBM advisory assigns remediation to patch IBM Netezza WebAdmin 7.0 with patch level 7.0 P2, and a workar...

CVE-2012-5940

The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process...

CVE-2012-5760

SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2012-5762

CVE-2012-5762 affects IBM Netezza WebAdmin (versions 6.0.5, 6.0.8 and 7.0 before P2). The vulnerability is an XSS allowing remote authenticated users to inject arbitrary script/HTML via MHTML protocol vectors. IBM’s bulletin for this family notes multiple issues and lists CVE-2012-5762 among them...

CVE-2012-5763

CVE-2012-5763 affects IBM Netezza WebAdmin (WebAdmin 6.0.5, 6.0.8, and 7.0 before P2). The IBM bulletin documents a Cross-site request forgery (CSRF) flaw where requests may be accepted without proper authentication verification, potentially allowing remote attackers to hijack user sessions. Root...

CVE-2012-5941

IBM Netezza WebAdmin 6.0.5, 6.0.8, and 7.0 before P2 are affected by CVE-2012-5941, an XSS where user-supplied input is not neutralized before being included in web output, enabling phishing via the WebAdmin interface. The IBM bulletin lists remediation through patch 7.0 P2 (and related SSL guida...

CVE-2012-5761

CVE-2012-5761 affects IBM NetEzta WebAdmin 6.0.5, 6.0.8, and 7.0 before P2. The root cause is that user-controlled input is not properly neutralized before being embedded in the web page output, enabling XSS via unspecified vectors for remote authenticated users. The IBM bulletin lists the impact...

CVE-2012-5760

IBM Netezza WebAdmin is affected by CVE-2012-5760. Affected versions: WebAdmin 6.0.5, 6.0.8 and 7.0 prior to P2. Root cause: elements that could modify a SQL command are not properly neutralized, enabling an authenticated remote user to execute arbitrary SQL commands via unspecified vectors, with...

Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery

Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/58076/info MDaemon WorldClient and WebAdmin are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized...

Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/58076/info MDaemon WorldClient and WebAdmin are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are...