66 matches found
HCL BigFix Platform 安全漏洞
HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that originates from ...
HCL BigFix Platform 代码问题漏洞
HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that originates from ...
CVE-2022-45926
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports...
CVE-2022-45926
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports...
Design/Logic Flaw
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports...
CVE-2022-45926
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports...
OpenText Content Suite Platform 代码问题漏洞
OpenText Content Suite Platform is a top-of-the-line enterprise content management ECM system from OpenText. It can manage the entire enterprise information lifecycle, from capture to archiving and disposal. A security vulnerability exists in OpenText Content Suite Platform version 22.1, which...
The vulnerability of the WebReports server, the WebStation user interface, and the Enterprise Server installer, as well as the Enterprise Central installer, is related to insufficient protection of the web page structure, allowing a hacker to execute arbitrary code.
The vulnerabilities of the WebReports server, the WebStation user interface, and the Enterprise Server installer, as well as the Enterprise Central installer, are related to insufficient protection of the web page structure. Exploiting these vulnerabilities allows a malicious actor to execute...
The vulnerability of the WebReports server lies in its ability to allow unlimited loading of malicious files, enabling attackers to upload malware and execute arbitrary code.
The vulnerability of the WebReports report server is related to the unlimited download of malicious files. Exploiting this vulnerability allows a remote attacker to download malicious files and execute arbitrary code...
The vulnerability of WebReports servers stems from insufficient protection of the website structure, allowing attackers to upload malicious files and execute arbitrary code.
The vulnerability of the WebReports report server is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to download malicious files and execute arbitrary code...
The vulnerability of the WebReports server lies in the improper limitation of XML links to external objects. This allows attackers to disclose protected information or cause service failures.
The vulnerability of the WebReports report server is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to disclose protected information or cause service failures...
The vulnerability of the WebReports server report processing system, related to inadequate access control mechanisms, allows attackers to escalate their privileges.
The vulnerability of the WebReports report server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to increase their privileges...
The vulnerability of WebReports servers stems from insufficient protection of the website structure, allowing attackers to upload malicious files and execute arbitrary code.
The vulnerability of the WebReports report server is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to download malicious files and execute arbitrary code...
ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Building Operation Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, Improper Restriction of XML External Entity...
Schneider Electric EcoStruxure Building Operation WebReports Improper Access Control Vulnerability
EcoStruxure Building Operation WebReports is a web application for creating, viewing and managing reports. An improper access control vulnerability exists in EcoStruxure Building Operation WebReports 1.9 - 3.1. A remote attacker could exploit this vulnerability to access restricted web resources...
CVE-2020-7572
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial of service, server...
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation Cross-site Scripting Stored vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect...
CVE-2020-7573
A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker being able to access a restricted web resources due to improper access control...
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation Cross-site Scripting Stored vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect...
CVE-2020-7569
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code...