2 matches found
PT-2011-24: Security Restrictions Bypassing in Arbor Peakflow X
The specialists of the Positive Research center have detected a Security Restrictions Bypassing vulnerability in Arbor Peakflow X. Any user registered in the system can perform the following actions: - Lock any system users with any privileges except the user "admin." - Unlock any locked system...
PT-2011-18: Cross-Site Scripting in Arbor Peakflow X
The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in Arbor Peakflow X. XSS-vulnerable parameters are found on several web pages. The following parameters are vulnerable due to insufficient character escaping: a. /explore/entityinfo/ modestate...