126 matches found
CVE-2013-6346
Cross-site request forgery CSRF vulnerability in the ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
EUVD-2015-0796
Malware in sbrugna...
EUVD-2015-0795
Malware in sbrugna...
EUVD-2012-6200
Malware in sbrugna...
EUVD-2013-1134
Malware in sbrugna...
EUVD-2013-1133
Malware in sbrugna...
EUVD-2013-6170
Malware in sbrugna...
ZENworks Configuration Management 11.1 Shell Upload
ZENworks Configuration Management version 11.1 suffers from a remote shell upload vulnerability. ============================================================================================================================================= | Title : ZENworks Configuration Management 11.1 PHP Code...
ZENworks Configuration Management 11.1a Shell Upload
ZENworks Configuration Management version 11.1a suffers from a remote shell upload vulnerability. ============================================================================================================================================= | Title : ZENworks Configuration Management 11.1a PHP Cod...
Novell ZENworks Configuration Management Preboot Service Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Configuration Management Preboot Service Remote File Access', 'Description' = %q This module exploits a directory traversal in th...
CVE-2023-6400
Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management ZCM allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management ZCM versions: 2020 update 3, 23.3, and 23.4...
CVE-2023-6400 Incorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product.
Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management ZCM allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management ZCM versions: 2020 update 3, 23.3, and 23.4...
CVE-2023-6400
CVE-2023-6400 concerns an incorrect authorization vulnerability in OpenText ZENworks Configuration Management (ZCM). Affected are ZCM versions: 2020 update 3, 23.3, and 23.4. The root cause is improper authorization checks, enabling unauthorized use of device resources. Practical impact is high (...
SUSE CVE-2013-3706
Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management ZCM 11.2 allows remote attackers to read arbitrary files via a .. dot dot in a preboot update pathname, aka ZDI-CAN-1595...
Micro Focus ZENworks Configuration Management 权限许可和访问控制问题漏洞
Micro Focus ZENworks Configuration Management is an endpoint device management software from Micro Focus UK that provides a single management platform for all of a user's endpoint devices, reducing costs and improving IT. A vulnerability in Micro Focus ZENworks Configuration Management with...
The vulnerability of the doPost method in the Rtrlet class of the ZENworks Configuration Management information system allows a perpetrator to load and execute arbitrary files.
The vulnerability of the doPost method in the Rtrlet class of the ZENworks Configuration Management software lies in the deficiencies in path name restriction. Exploiting this vulnerability allows a malicious actor to download and execute arbitrary files using unspecified vectors...
The vulnerability of the ScheduleQuery method in the scheduling class of the ZENworks Configuration Management information system allows a perpetrator to execute arbitrary SQL commands.
The vulnerability of the ScheduleQuery method in the ZENworks Configuration Management software framework relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using undefined vectors...
The vulnerability of the Preboot Policy service of the information system management software ZENworks Configuration Management allows a perpetrator to execute arbitrary code.
The vulnerability of the Preboot Policy service in the information system management software ZENworks Configuration Management ZCM is caused by a buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
Design/Logic Flaw
Rtrlet.class in Novell ZENworks Configuration Management ZCM allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable...
CVE-2015-0782
SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management ZCM allows remote attackers to execute arbitrary SQL commands via unspecified vectors...