The vulnerability of the Web Time and Expense interface of the integrated enterprise management system Microsoft Dynamics NAV allows a malicious individual to gain unauthorized access to arbitrary reports.

The vulnerability of the Web Time and Expense interface of the integrated enterprise management system Microsoft Dynamics NAV is related to the insecure direct object reference IDOR. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to arbitrar...

CVE-2012-4604

The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorerwse/favorites.exe...

CVE-2012-4604

The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorerwse/favorites.exe...

Portcullis Security Advisory 05-009

Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Execute Of Arbitrary Reports Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application Details: Portcullis consultants...