17 matches found
EUVD-2002-1980
Malware in sbrugna...
CVE-2002-2000
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data...
CVE-2024-21939
Incorrect default permissions in the AMD Cloud Manageability Service ACMS Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...
CVE-2024-21939
Incorrect default permissions in the AMD Cloud Manageability Service ACMS Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...
AFU, AFD and XSS vulnerabilities in Uploadify
Hello 3APA3A! These are Arbitrary File Uploading, Arbitrary File Deletion and Cross-Site Scripting vulnerabilities in Uploadify. Particularly in the version used in aCMS it looks like these developers use modified version of Uploadify, but other developers also can use such version...
Uploadify 2.1.4 File Upload / XSS / File Deletion
Hello list! These are Arbitrary File Uploading, Arbitrary File Deletion and Cross-Site Scripting vulnerabilities in Uploadify. Particularly in the version used in aCMS it looks like these developers use modified version of Uploadify, but other developers also can use such version...
XSS and CS vulnerabilities in aCMS
Hello 3APA3A! After previous Cross-Site Scripting, Content Spoofing, Information Leakage, Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS, here are new ones. These are Cross-Site Scripting and Content Spoofing vulnerabilities in aCMS. This is commercial CMS...
IA and AFU vulnerabilities in aCMS
Hello 3APA3A! These are Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the second part of them. ------------------------- Affected products: ------------------------- Vulnerable are aCMS...
Multiple vulnerabilities in aCMS
Hello 3APA3A! These are Cross-Site Scripting, Content Spoofing and Information Leakage vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the first part of them. ------------------------- Affected products: ------------------------- Vulnerable are...
aCMS 1.0 Shell Upload / Insufficient Authorization
Hello list! These are Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the second part of them. ------------------------- Affected products: ------------------------- Vulnerable are aCMS 1....
aCMS 1.0 XSS / Content Spoofing / Information Leak
Hello list! These are Cross-Site Scripting, Content Spoofing and Information Leakage vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the first part of them. ------------------------- Affected products: ------------------------- Vulnerable are...
Cross site scripting
Cross-site scripting XSS vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is...
XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS
Hello 3APA3A! After my previous list of vulnerable software with ZeroClipboard.swf, here is a list of software with ZeroClipboard10.swf. These are Cross-Site Scripting vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS. Earlier I've wrote about Cross-Site Scripting...
SINIT Buffer Overflow Vulnerability
Summary: Intel® Trusted Execution Technology SINIT Authenticated Code Modules ACMs are susceptible to a buffer overflow issue. Intel is providing updated SINIT ACMs to mitigate this issue and microcode updates to revoke vulnerable SINIT ACMs. Description: When Intel® Trusted Execution Technology...
ACMS vulnerability-vulnerability warning-the black bar safety net
A few days ago a friend asked me to help him dosecurity testing, his Station is ACMS information distribution system. I to the official down a set of ACMS to study. ACMS front Desk is by the back-end to generate the static page, there is no injection vulnerability. The background comes with the...
CVE-2002-2000
ACMS 4.3 and 4.4 on OpenVMS Alpha 7.2 and 7.3 expose a privilege-handling flaw where the process privileges are not properly used, allowing an attacker to access data. The issue is local in scope (attackVector: LOCAL) with low base score (CVSS2: 2.1, LOW) and requires no authentication. The descr...
CVE-2002-2000
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data...