174 matches found
CVE-2018-3204
Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware subcomponent: Analytics Server. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
8x8: XSS (Cross site scripting) on https://apimgr.8x8.com
The domain apimgr.8x8.com hosted an outdated version of WSO2 Data Analytics Server...
PT-2018-3928 · Apache +1 · Apache Hive Jdbc Driver +1
Name of the Vulnerable Software and Affected Versions: Apache Hive JDBC driver versions 0.7.1 through 2.3.2 Oracle Business Intelligence Enterprise Edition Analytics Server affected versions not specified Description: The issue allows an attacker to bypass argument escaping in the JDBC driver's...
Cross site scripting
The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is...
CVE-2017-14995
CVE-2017-14995: A stored XSS vulnerability in the Management Console affects multiple WSO2 products (WSO2 Application Server 5.3.0; WSO2 Business Process Server 3.6.0; WSO2 Business Rules Server 2.2.0; WSO2 Complex Event Processor 4.2.0; WSO2 Dashboard Server 2.0.0; WSO2 Data Analytics Server 3.1...
WSO2 Data Analytics Server Cross-Site Scripting Vulnerability
WSO2 Data Analytics Server is a data analytics server from WSO2, Inc. that provides real-time analysis of data streams, complex event processing, and machine learning. A cross-site scripting vulnerability exists in the carbon/resources/addcollectionajaxprocessor.jsp file in WSO2 Data Analytics...
WSO2 Data Analytics Server Multiple XSS Vulnerabilities
WSO2 Data Analytics Server is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
CVE-2017-14651
Summary: CVE-2017-14651 affects WSO2 Data Analytics Server 3.1.0. The vulnerability is a cross-site scripting (XSS) flaw in carbon/resources/add_collection_ajaxprocessor.jsp, exploitable via the collectionName or parentPath parameters. Exploitation could cause injected scripts to run in a victim’...
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
Multiple SAP Products 'DBISQL' Information Disclosure Vulnerability
SAP SQL Anywhere is a product of SAP, Germany.SQL Anywhere is an out-of-the-box database solution with enterprise-class features.SAP IQ is an analytics server designed for analytics, data warehousing, and business intelligence environments.SAP ASE is a database management platform. An information...
WSO2 Carbon Products Detection (HTTP)
HTTP based detection of WSO2 Carbon products. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
CVE-2011-5322
GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...
Default credentials
GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...
CVE-2011-5322
GE Healthcare Centricity PACS-IW (Centricity PACS-IW) is vulnerable via default/hard-coded credentials documented for CVE-2011-5322 in Centricity Analytics Server 1.1, notably in the Webmin interface where several accounts use known passwords (e.g., V0yag3r, G3car3s, geservice). Exploitation coul...
TIBCO Spotfire Analytics Server Authentication Module Unspecified Information Disclosure
The remote host is running a version of TIBCO Spotfire Analytics Server that is affected by an information disclosure vulnerability due to an unspecified flaw in the Authentication Module. A remote attacker can exploit this vulnerability to access sensitive information by sending a specially...
TIBCO Spotfire Analytics Server Web Application Multiple Vulnerabilities
The remote host is running a version of TIBCO Spotfire Analytics Server that is affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists that allows a remote attacker to view or modify sensitive information. CVE-2011-3132 - A session fixation vulnerability exists that...
CVE-2011-3133
Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors...