152 matches found

Github Security Blog
added 2018/10/17 5:21 p.m. | 26 views

Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML

Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web script or HTML via vectors related to policies...

CVSS 4.8 | AI score 3.1 | EPSS 0.02105
Exploits 0 | References 4 | Affected Software 1
IBM Security Bulletins
added 2018/06/17 5:26 a.m. | 37 views

Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin

Summary There are multiple vulnerabilities related to IBM® Runtime Environment Java™ Technology Edition which is used and shipped by different versions of IBM Rational License Key Server Administration and Reporting Tool Admin ART. Vulnerability Details CVEID: CVE-2017-10281 DESCRIPTION: An...

CVSS 9.6 | AI score 1.7 | EPSS 0.03305
Exploits 0 | Affected Software 1
Fedora
added 2018/01/02 4:58 p.m. | 9 views

[SECURITY] Fedora 27 Update: phpMyAdmin-4.7.7-1.fc27

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, indexes, users, permissions, while you still have the ability to directly...

AI score 1.3
Exploits 0
Saint
added 2017/09/27 12:0 a.m. | 662 views

IBM Open Admin Tool SOAP welcomeServer PHP Command Injection

Added: 09/27/2017 | CVE: CVE-2017-1092 | BID: 98615. Background: IBM Informix Dynamic Server (IDS) is an online transaction processing (OLTP) data server for enterprise and workgroup computing. Open Admin Tool (OAT) is an open source, platform-independent tool providing a graphical interface for administrati...

CVSS 10 | AI score 9 | EPSS 0.75767
Exploits 12
Saint
added 2017/09/27 12:0 a.m. | 577 views

IBM Open Admin Tool SOAP welcomeServer PHP Command Injection

Added: 09/27/2017 | CVE: CVE-2017-1092 | BID: 98615. Background: IBM Informix Dynamic Server (IDS) is an online transaction processing (OLTP) data server for enterprise and workgroup computing. Open Admin Tool (OAT) is an open source, platform-independent tool providing a graphical interface for administrati...

CVSS 10 | AI score 9 | EPSS 0.75767
Exploits 12
Saint
added 2017/09/27 12:0 a.m. | 53 views

IBM Open Admin Tool SOAP welcomeServer PHP Command Injection

Added: 09/27/2017 | CVE: CVE-2017-1092 | BID: 98615. Background: IBM Informix Dynamic Server (IDS) is an online transaction processing (OLTP) data server for enterprise and workgroup computing. Open Admin Tool (OAT) is an open source, platform-independent tool providing a graphical interface for administrati...

CVSS 10 | AI score 9 | EPSS 0.75767
Exploits 12
CNVD
added 2017/05/24 12:0 a.m. | 3 views

IBM Informix Dynamic Server Open Admin Tool Remote Code Execution Vulnerability

IBM Informix Dynamic Server (IDS) is a scalable object-relational database server from IBM in the United States that provides continuous data availability and disaster recovery, among other features, for clustered data centers. Open Admin Tool is one of the Web applications used to manage and analyz...

CVSS 10 | AI score 8.5 | EPSS 0.75767
Exploits 12 | References 1
Tenable Nessus
added 2017/05/24 12:0 a.m. | 197 views

IBM Informix Dynamic Server 11.50.xCn < 11.50.xC9 / 11.70.xCn < 11.70.xC9 / 12.10.xCn < 12.10.xC8W2 Multiple Vulnerabilities (SWEET32)

The version of IBM Informix Dynamic Server installed on the remote host is 11.50.xCn prior to 11.50.xC9, 11.70.xCn prior to 11.70.xC9, or 12.10.xCn prior to 12.10.xC8W2. It is, therefore, affected by multiple vulnerabilities: - A vulnerability, known as SWEET32, exists in the OpenSSL component...

CVSS 10 | AI score 8.3 | EPSS 0.95707
Exploits 14 | References 7
OSV
added 2017/05/22 8:29 p.m. | 2 views

CVE-2017-1092

IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390...

CVSS 9.8 | AI score 6.1 | EPSS 0.75767
Exploits 12 | References 3
Prion
added 2017/05/22 8:29 p.m. | 23 views

Design/Logic Flaw

IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390...

CVSS 10 | AI score 9.3 | EPSS 0.75767
Exploits 12 | References 3 | Affected Software 1
NVD
added 2017/05/22 8:29 p.m. | 12 views

CVE-2017-1092

IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390...

CVSS 10 | AI score 9.4 | EPSS 0.75767
Exploits 12 | References 3
Cvelist
added 2017/05/22 8:0 p.m. | 28 views

CVE-2017-1092

IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390...

AI score 8.7 | EPSS 0.75767
Exploits 12 | References 3
CVE
added 2017/05/22 8:0 p.m. | 313 views

CVE-2017-1092

The Connected IBM bulletin confirms CVE-2017-1092: IBM Informix Open Admin Tool contains an unauthenticated remote code execution vulnerability on Windows servers. Affected products include IBM Informix Dynamic Server (IDS) and Open Admin Tool. Root cause: Open Admin Tool permits arbitrary code e...

CVSS 10 | AI score 8.5 | EPSS 0.75767
Exploits 12 | References 3 | Affected Software 1
Citrix
added 2017/05/03 12:0 a.m. | 6 views

Insight into Installed Apps Widget

XenMobile Dashboard provides different widgets which help admins to view useful information at a glance. Other than just viewing the summary that appears in form of graphs, admins can also export the complete set of data as a CSV file to view the details. Installed Apps widget is one of the very...

AI score 6.8
Exploits 0
Prion
added 2016/09/26 2:59 p.m. | 16 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web script or HTML via vectors related to policies...

CVSS 3.5 | AI score 5.6 | EPSS 0.02105
Exploits 0 | References 2 | Affected Software 1
OSV
added 2016/06/13 2:59 p.m. | 5 views

CVE-2016-2174

SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime...

CVSS 7.2 | AI score 7.2 | EPSS 0.01884
Exploits 1 | References 2
Cvelist
added 2016/06/13 2:0 p.m. | 34 views

CVE-2016-2174

SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime...

AI score 7.3 | EPSS 0.01884
Exploits 1 | References 2
NVD
added 2016/04/12 2:59 p.m. | 13 views

CVE-2015-5167

The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API...

CVSS 6.5 | AI score 6.2 | EPSS 0.01933
Exploits 0 | References 3
Prion
added 2016/04/12 2:59 p.m. | 11 views

Design/Logic Flaw

The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API...

CVSS 4 | AI score 6.8 | EPSS 0.01933
Exploits 0 | References 3 | Affected Software 1
CVE
added 2016/04/12 2:0 p.m. | 49 views

CVE-2015-5167

The CVE-2015-5167 entry concerns Apache Ranger’s Policy Admin Tool. The vulnerability allows remote authenticated users to bypass intended access restrictions via the REST API in Ranger versions prior to 0.5.1. Affected component: Policy Admin Tool; root cause described as an access-control bypas...

CVSS 6.5 | AI score 6.1 | EPSS 0.01933
Exploits 0 | References 3 | Affected Software 1