EUVD-2012-1315

Malware in sbrugna...

CVE-2017-9279

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users...

Design/Logic Flaw

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users...

CVE-2017-9279

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users...

CVE-2017-9279

CVE-2017-9279 affects NetIQ Identity Manager prior to 4.5.6.1. In the Themes handling of the User Application Administration, it allows uploading files with double extensions or non-image content, enabling a malicious administrator to potentially execute code or mislead users. Root cause: insuffi...

Directory traversal

Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the logfilename parameter to 1 b2b/admin/log.jsp or 2 b2b/admin/logview.jsp in the Internet Sales crm.b2b component, or 3 ipc/admin/log.jsp or 4...

CVE-2012-1289

SAP NetWeaver 7.0 is affected by multiple directory traversal vulnerabilities in log.jsp/log_view.jsp under Internet Sales (crm.b2b) and Application Administration (com.sap.ipc.webapp.ipc). The root cause is improper validation of the logfilename parameter, allowing remote authenticated users to ...