14 matches found
EUVD-2015-4684
Malware in sbrugna...
Xceedium Xsuite Multiple Vulnerabilities
Xceedium Xsuite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xceedium:xsuite";...
Xceedium Xsuite Remote Version Detection
Detection of installed version of Xceedium Xsuite. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Xceedium Xsuite Command Injection Vulnerability
Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. A security vulnerability exists in Xceedium...
Xceedium Xsuite Hardcoded Credentials Vulnerability
Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. Xceedium Xsuite suffers from a hard-coded...
Xceedium Xsuite Open Redirect Vulnerability
Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. An open redirection vulnerability exists in...
CVE-2015-4666
Directory traversal vulnerability in opm/readsessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// quadruple dot double slash in the logFile parameter...
CVE-2015-4665
Cross-site scripting XSS vulnerability in ajaxcmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter...
Directory traversal
Directory traversal vulnerability in opm/readsessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// quadruple dot double slash in the logFile parameter...
CVE-2015-4665
Cross-site scripting XSS vulnerability in ajaxcmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter...
CVE-2015-4665
CVE-2015-4665 concerns a cross-site scripting (XSS) vulnerability in Xceedium Xsuite. The flaw resides in ajax_cmd.php, affecting Xsuite versions 2.4.4.1 and earlier, where a malicious value supplied via the fileName parameter can inject arbitrary script/HTML in a user’s browser. Public documenta...
CVE-2015-4666
Directory traversal vulnerability in opm/readsessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// quadruple dot double slash in the logFile parameter...
CVE-2015-4666
CVE-2015-4666 affects Xceedium Xsuite 2.4.4.5 and earlier, exposing a directory-traversal flaw in the opm/read_sessionlog.php script. The vulnerability allows unauthenticated users to read arbitrary files via the logFile parameter using a quadruple dot and slash pattern (....//), potentially expo...
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02]
See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt --------------------------------------------------------------------- modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02 ---------------------------------------------------------------------...