44 matches found
SAP Business Connector 4.6/4.7 - 'deleteSingle?fullName' Arbitrary File Deletion
source: https://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the disclosure of sensitive or privileged information. An attacker may also delete...
DTSA-25-1 smb4k - access validation error
Bulletin has no description...
Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass
Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass source: https://www.securityfocus.com/bid/15329/info Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability. This is due to to an access validation error in the application. The application does properly verify acce...
Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass
source: https://www.securityfocus.com/bid/15329/info Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability. This is due to to an access validation error in the application. The application does properly verify access privileges and allows the attacker to gain access to...
GeoVision Digital Surveillance System 6.0 46.1 - Unauthorized .JPEG Image Access
GeoVision Digital Surveillance System 6.0 46.1 - Unauthorized .JPEG Image Access source: https://www.securityfocus.com/bid/13571/info GeoVision Digital Surveillance System is prone to a vulnerability that allows remote unauthorized attackers to view JPEG images stored on a server. This issue...
Logics Software LOG-FT - Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/12998/info LOG-FT is reported prone to an arbitrary file disclosure vulnerability. This issue results from an access validation error and can allow a remote attacker to disclose sensitive data. It is reported that an attacker can simply issue a specially...
Logics Software LOG-FT - Arbitrary File Disclosure
Logics Software LOG-FT - Arbitrary File Disclosure source: https://www.securityfocus.com/bid/12998/info LOG-FT is reported prone to an arbitrary file disclosure vulnerability. This issue results from an access validation error and can allow a remote attacker to disclose sensitive data. It is...
PE Multiple Remote Access Validation Vulnerabilities (Participate Systems Inc. / Outstart Inc.)
-------------------------------------------------------- - Multiple Remote Access Validation Vulnerabilities - With PE community software -------------------------------------------------------- Altrus::security.honour.ca Program name: PE Versions affected: unknown Vendors: Outstart Inc...
Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability
Description Microsoft Windows Kernel Virtual DOS Machine is reported prone to a local privilege-escalation vulnerability. The Microsoft Virtual DOS Machine VDM is a protected environment that emulates MS-DOS on Windows NT-based operating systems. This issue is caused by an access-validation error...
UtilMind Solutions Site News 1.1 - Authentication Bypass
UtilMind Solutions Site News 1.1 - Authentication Bypass source: https://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage th...
iDEFENSE Security Advisory 02.27.04b: Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass
Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass iDEFENSE Security Advisory 02.27.04b: http://www.idefense.com/application/poi/display?id=77&type=vulnerabiliti es February 27, 2004 I. BACKGROUND Internet Explorer is a set of core technologies in Microsoft Windows operating...
Tritanium Scripts Tritanium Bulletin Board 1.2.3 - Unauthorized Access
Tritanium Scripts Tritanium Bulletin Board 1.2.3 - Unauthorized Access source: https://www.securityfocus.com/bid/8944/info It has been reported that Tritanium Bulletin Board may be prone to an access validation error that may allow a remote attacker to to gain unauthorized access to threads. A...
Tritanium Scripts Tritanium Bulletin Board 1.2.3 - Unauthorized Access
source: https://www.securityfocus.com/bid/8944/info It has been reported that Tritanium Bulletin Board may be prone to an access validation error that may allow a remote attacker to to gain unauthorized access to threads. A remote attacker may be able to access sensitive data by modifying the URL...
Seyeon FlexWATCH Network Video Server 2.2 - Unauthorized Administrative Access
source: https://www.securityfocus.com/bid/8942/info It has been reported that FlexWATCH Network Video Server may be prone to an access validation error that may allow a remote attacker to gain administrative access to the system. The problem is reported to present itself when an attacker attempts...
Seyeon FlexWATCH Network Video Server 2.2 - Unauthorized Administrative Access
Seyeon FlexWATCH Network Video Server 2.2 - Unauthorized Administrative Access source: https://www.securityfocus.com/bid/8942/info It has been reported that FlexWATCH Network Video Server may be prone to an access validation error that may allow a remote attacker to gain administrative access to...
Fusion News 3.3 - Unauthorized Account Addition
Fusion News 3.3 - Unauthorized Account Addition source: https://www.securityfocus.com/bid/8441/info Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow ...
Fusion News 3.3 - Unauthorized Account Addition
source: https://www.securityfocus.com/bid/8441/info Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow a user to compromise a vulnerable system by...
CGIscript.net - csMailto.cgi - Remote Command Execution
CGIscript.net - csMailto.cgi - Remote Command Execution --------------------------------------------------------------------- Name : CGIscript.net - csMailto.cgi - Remote Command Execution Date : April 23, 2002 Product : csMailto Vuln Type : Access Validation Error Severity : HIGH RISK Vendor :...
multiple CGIscript.net scripts - Remote Code Execution
multiple CGIscript.net scripts - Remote Code Execution --------------------------------------------------------------------- Name : multiple CGIscript.net scripts - Remote Code Execution Date : April 8, 2002 Product : csGuestbook csLiveSupport csNewsPro csChatRBox Vuln Type : Access Validation...
CGIscript.net - csSearch.cgi - Remote Code Execution (up to 17,000 sites vulnerable)
CGIscript.net - csSearch.cgi - Remote Code Execution up to 17,000 sites vulnerable --------------------------------------------------------------------- Name : csSearch.cgi - Remote Code Execution Date : March 25, 2002 Product : csSearch Version : 2.3 vulnerable Vuln Type : Access Validation Erro...