10 matches found
EUVD-2017-14105
Malware in sbrugna...
Forwarded HTTP Headers
cloudfoundry-identity-server is vulnerable to forwarded http headers. There is an issue with forwarded http headers in UAA that can result in an account being corrupted...
CVE-2017-4994
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release uaa-release 13.x versions prior to v13.16,...
CVE-2017-4994
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release uaa-release 13.x versions prior to v13.16,...
Design/Logic Flaw
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release uaa-release 13.x versions prior to v13.16,...
CVE-2017-4994
CVE-2017-4994 affects Cloud Foundry components including cf-release prior to v263 and UAA releases earlier than v2.7.4.18 (2.x), v3.6.12 (3.6.x), v3.9.14 (3.9.x), and v4.3.0+ for other lines, plus UAA Bosh releases prior to v13.16, v24.11, and v30.4. The issue is with forwarded HTTP headers in UA...
CVE-2017-4994
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release uaa-release 13.x versions prior to v13.16,...
CVE-2017-4994: Forwarded Headers in UAA | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Versions Affected cf-release versions prior to v263 UAA release: 2.x versions prior to v2.7.4.18 3.6.x versions prior to v3.6.12 3.9.x versions prior to v3.9.14 Other versions prior to v4.3.0 UAA bosh release uaa-release: 13.x versions prior to v13.16...
Multiple PHP Topsites Vulnerabities found
Multiple PHP Topsites Vulnerabities found PHP TopSites is a PHP/MySQL-based customizable TopList script. Main features include: Easy configuration config file; MySQL database backend; unlimited categories, Site rating on incoming votes; Special Rating from Webmaster; anti-cheating gateway; Random...
DCForum 6.0 - Remote Admin Privilege Arbitrary Commands
DCForum 6.0 - Remote Admin Privilege Arbitrary Commands source: https://www.securityfocus.com/bid/2728/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. Versions of DCForum are vulnerable to attacks which can yield an...