29 matches found
EUVD-2007-0434
Malware in sbrugna...
EUVD-2007-0432
Malware in sbrugna...
EUVD-2007-6166
Malware in sbrugna...
EUVD-2008-0874
Malware in sbrugna...
EUVD-2007-0433
Malware in sbrugna...
BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal Multiple Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernames in the Plumtree portal as well as the server hostname, build...
CVE-2008-0867
Cross-site scripting XSS vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 through MP1 and Plumtree Foundation 6.0 through SP1 allows remote attackers to inject arbitrary web script or HTML via the name parameter...
CVE-2008-0867
Cross-site scripting XSS vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 through MP1 and Plumtree Foundation 6.0 through SP1 allows remote attackers to inject arbitrary web script or HTML via the name parameter...
CVE-2008-0867
BEA AquaLogic Interaction 6.1 MP1 and Plumtree Foundation 6.0 SP1 are affected by CVE-2008-0867, a Cross‑Site Scripting (XSS) flaw in portal/server.pt that allows injection of arbitrary web script or HTML via the name parameter. The vulnerability arises from handling user-supplied input in the po...
Plumtree Portal User Object User Enumeration
The version of the Plumtree portal included with BEA AquaLogic Interaction / Plumtree Foundation and installed on the remote host allows an attacker to obtain a list of users defined to the portal through its search facility. This may aide in further attacks against the affected application...
Code injection
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote attackers to enumerate valid usernames via the intxfulltext parameter...
CVE-2007-6198
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote attackers to enumerate valid usernames via the intxfulltext parameter...
CVE-2007-6197
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page...
Code injection
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page...
CVE-2007-6198
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote attackers to enumerate valid usernames via the intxfulltext parameter...
CVE-2007-6197
The CVE-2007-6197 entry affects BEA AquaLogic Interaction Plumtree Portal 5.0.2–5.0.4 and 6.0.1.218452. The root cause is information disclosure via comments in the HTML source of any page, allowing remote attackers to learn version numbers and internal hostnames. Impact is partial confidentialit...
CVE-2007-6197
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page...
CVE-2007-6198
The CVE-2007-6198 issue affects the Plumtree Portal component (portal/server.pt) in BEA AquaLogic Interaction versions 5.0.2–5.0.4 and 6.0.1.218452. The vulnerability allows wildcards in advanced searches for usernames via the in_tx_fulltext parameter, enabling remote attackers to enumerate valid...
BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities
BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernam...
BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernames in the Plumtree portal as well as the server hostname, build date, and server version. Informati...