8 matches found
EUVD-2015-4645
Malware in sbrugna...
CVE-2015-4626
B.A.S C2Box before 4.0.0 r19171 relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft...
Design/Logic Flaw
B.A.S C2Box before 4.0.0 r19171 relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft...
CVE-2015-4626
B.A.S C2Box before 4.0.0 r19171 relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft...
CVE-2015-4626
CVE-2015-4626 affects B.A.S C2Box; versions before 4.0.0 (r19171) rely on client-side validation, enabling a remote attacker to bypass validation and corrupt business logic via negative overdraft input. The vulnerability stems from unvalidated client input allowing server-side impact. >=4.0.0 ...
CVE-2015-4460
Cross-site request forgery CSRF vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 r19171 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 r19171 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
CVE-2015-4460
CVE-2015-4460 describes a Cross‑Site Request Forgery (CSRF) in B.A.S C2Box prior to 4.0.0 (r19171) that lets an unauthenticated attacker hijack an administrator’s session to add an admin account via SecuritySetting/UserSecurity/UserManagement.aspx, potentially compromising the domain. Connected s...