475 matches found
CVE-2020-14721
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications component: WebGUI. Supported versions that are affected are 3.0.0-3.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2020-14722
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications component: WebGUI. Supported versions that are affected are 3.0.0-3.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications component: WebGUI. Supported versions that are affected are 3.0.0-3.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications component: WebGUI. Supported versions that are affected are 3.0.0-3.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-14721
CVE-2020-14721 affects Oracle Enterprise Communications Broker WebGUI (Oracle Communications Applications), versions 3.0.0–3.2.0. Root cause: vulnerability in WebGUI allows a low-privileged attacker with network access over HTTP to compromise data and service availability. Impact per sources: una...
CVE-2020-14563
CVE-2020-14563 affects Oracle Enterprise Communications Broker WebGUI (versions 3.0.0–3.2.0). The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the broker, with exploitation requiring user interaction. CVSS‑3.1 base score is 6.1 (Confidentiality and I...
CVE-2020-14563
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications component: WebGUI. Supported versions that are affected are 3.0.0-3.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Unspecified Vulnerability in Oracle Enterprise Communications Broker (CNVD-2020-54680)
Oracle Enterprise Communications Broker is a core session manager designed to simplify complex multi-vendor VoIP and unified communications UC networks. A security vulnerability exists in the WebGUI component in Oracle Enterprise Communications Broker 3.0.0-3.2.0. An attacker could exploit the...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2020-4362)
Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2020-4329)
Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2019-4720)
Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Unraid webGui remote code execution
Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...
Unraid webGui remote code execution
Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...
Unraid webGui remote code execution
Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...
CVE-2020-11457
pfSense before 2.4.5 has stored XSS in systemusermanageraddprivs.php in the WebGUI via the descr parameter aka full name of a user...
CVE-2020-11457
pfSense before 2.4.5 has stored XSS in systemusermanageraddprivs.php in the WebGUI via the descr parameter aka full name of a user...
Cross site scripting
pfSense before 2.4.5 has stored XSS in systemusermanageraddprivs.php in the WebGUI via the descr parameter aka full name of a user...
CVE-2020-11457
PfSense present a stored XSS (via the descr field) in the WebGUI’s User Manager addprivs flow. Affected product: pfSense prior to 2.4.5; root cause: lack of input validation in system_usermanager_addprivs.php allowing arbitrary script payloads to be stored as a user’s Full Name. Impact: potential...
CVE-2020-11457
pfSense before 2.4.5 has stored XSS in systemusermanageraddprivs.php in the WebGUI via the descr parameter aka full name of a user...
Security Bulletin: A security vulnerability has been identified in Tivoli Netcool/OMNIbus WebGUI shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4199)
Summary Tivoli Netcool/OMNIbus WebGUI is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting Tivoli Netcool/OMNIbus WebGUI has been published in a security bulletin. Vulnerability Details Refer to the security bulletinss...