344 matches found
CVE-2015-4268
Cisco Identity Services Engine (ISE) Infra Admin UI is affected by CVE-2015-4268, with XSS vulnerabilities in ISE versions 1.2(1.198) and 1.3(0.876). The root cause is insufficient input validation of certain HTTP GET/POST parameters, enabling remote attackers to inject arbitrary web script or HT...
CVE-2015-0510
Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo Application Framework - HTML Admin User Interface...
Apache Solr Cross-Site Scripting Vulnerability
Apache Solr is an open source search server. A cross-site scripting vulnerability in the Admin UI Plugin / Stats page in version 4.x of Apache Solr prior to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via fieldvaluecache objects...
CVE-2014-3628
Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object...
Cross site scripting
Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object...
CVE-2014-3628
Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object...
CVE-2014-3628
Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object...
zen cart 1.3.9f - Multiple Vulnerabilities
No description provided by source. Zen Cart v1.3.9f Multiple Remote Vulnerabilities Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the admin UI in Papercut MF and NG before 14.1 Build 26983 allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2014-2659
CVE-2014-2659 is a CSRF vulnerability in the admin UI of PaperCut MF & NG (affecting versions up to 14.1 build 26983; KLA10291 notes 14.1 build 26830 and earlier). The issue allows remote attackers to hijack administrator sessions via unspecified vectors. No exploit specifics are provided in the ...
CVE-2014-2659
Cross-site request forgery CSRF vulnerability in the admin UI in Papercut MF and NG before 14.1 Build 26983 allows remote attackers to hijack the authentication of administrators via unspecified vectors...
Secure Mail Archive with Space Permissions
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-31945. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visib...
Secure Mail Archive with Space Permissions
Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visible to all space users. REQUEST: Apply Restrict Space Permissions to Mail Archive Same behavior as for Pages, restricting ability to search or view mail archive based on permissions. S...
Secure Mail Archive with Space Permissions
Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visible to all space users. REQUEST: Apply Restrict Space Permissions to Mail Archive Same behavior as for Pages, restricting ability to search or view mail archive based on permissions. S...
Secure Mail Archive with Space Permissions
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-31944. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visibl...
Dr. Web Control Center 6.00.3.201111300 Cross Site Scripting
Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number:...
Unable to Connect Hyper-V Host via WMI. User credentials cannot be used for local connections.
Challenge When trying to add a Hyper-V host, you receive the error "Unable to connect via WMI. User Credentials cannot be used for local connections." Cause Not all of the prerequisites have been installed when using Veeam Backup & Replication. Solution Before adding Hyper-V servers, check the...
CVE-2011-0453
F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port...
Authentication flaw
F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port...