CVE-2015-7725

Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allow remote authenticated users to execute arbitrary SQL commands via the 1 remoteSourceName in the dropCredentials function or unspecified vectors in the 2 setTraceLevelsForXsApps...

CVE-2015-7230

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node...

Design/Logic Flaw

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node...

CVE-2015-7230

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node...

CVE-2015-7230

The vulnerability CVE-2015-7230 affects the Drupal Contributed module Workbench Email (7.x-3.x) prior to 7.x-3.4. Remote authenticated users with certain permissions can bypass node and field validation when saving a node, enabling possible unintended content handling. Affected product/version: W...

Drupal Workbench Email Module Security Bypass Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Workbench Email is one of the modules used to define and configure email conversions. A security bypass vulnerability exists in versions 7.x-3.x prior to 7.x-3.4 of the Drupal Workbench...

Workbench Email - Moderately Critical - Access bypass - DRUPAL-SA-CONTRIB-2015-139

Workbench Email module provides a way for administrators to define email transitions and configurable email subject / messages between those transitions. The module causes node and field validations to be skipped when saving nodes. The vulnerability is mitigated by the fact that an attacker must...

IBM Rational Test Workbench and Rational Test Virtualization Server Validation Bypass Vulnerability

IBM Rational Test Workbench and Rational Test Virtualization Server are both IBM software for creating, modifying, and deploying applications and providing testing capabilities functional testing, regression testing, load testing, etc.. The former is used for enterprise applications; the latter i...

Authentication flaw

Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5, 8.6.0.x before 8.6.0.4, and 8.7.0.x before 8.7.0.2 uses the MD5 algorithm for password hashing, which...

CVE-2015-1913

Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5, 8.6.0.x before 8.6.0.4, and 8.7.0.x before 8.7.0.2 uses the MD5 algorithm for password hashing, which...

CVE-2015-1913

CVE-2015-1913 affects IBM Rational Test Control Panel within Rational Test Workbench and Rational Test Virtualization Server. The root cause is the use of MD5 hashing for user passwords, enabling easier authentication bypass via unspecified vectors. Affected versions include 8.0.0.x (before 8.0.0...

CVE-2015-5067

The 1 Cross-System Tools and 2 Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982...

CVE-2015-4159

The CVE-2015-4159 entry concerns SAP HANA Web-based Development Workbench with an SQL injection vulnerability. The affected component is the Web-based Development Workbench in SAP HANA, where remote attackers can submit specially crafted SQL commands to manipulate or obtain data. The root cause i...

SAP HANA Web-based Development Workbench SQL Injection Vulnerability

SAP HANA is a high-performance real-time data analytics platform that provides data querying capabilities that allow users to directly query and analyze large amounts of real-time business data.SAP HANA Web-based Development Workbench is a Web-based development platform. A SQL injection...

Oracle Commerce Platform Commerce Guided Search/Commerce Experience Manager Component Arbitrary Code Execution Vulnerability

Oracle Commerce Platform is a suite of e-business solution platforms. A security vulnerability exists in the Workbench subcomponent of the Oracle Commerce Guided Search/Oracle Commerce Experience Manager component of Oracle Commerce Platform, which can be exploited by remote attackers to execute...

CVE-2015-0495

Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.x and 11.x allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Workbench...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.x and 11.x allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Workbench...

CVE-2015-0495

Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.x and 11.x allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Workbench...

Oracle Endeca Tools and Frameworks Script.action Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Endeca Tools and Frameworks. Authentication is required to exploit this vulnerability, but authentication is easily bypassed. This product installs a web application called Oracle Endeca...

KIE Workbench Arbitrary File Execution Vulnerability

KIE Workbench is a set of JAVA-based development of open source BPM business process management of the complete release , including all the BPM and rules module . An arbitrary file execution vulnerability exists in KIE Workbench 6.0.x that could allow an authenticated remote user to read or write...