33 matches found
EUVD-2020-7081
Malware in sbrugna...
BSA Radar Information Disclosure (CVE-2020-14946)
An information disclosure vulnerability exists in BSA Radar. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
BSA Radar 1.6.7234.24750 - Local File Inclusion
Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Date: 2020-07-08 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion Description: The Administrator section of th...
BSA Radar 1.6.7234.24750 - Local File Inclusion Vulnerability
Exploit for multiple platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion...
BSA Radar 1.6.7234.24750 Local File Inclusion
Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Date: 2020-07-08 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion Description: The Administrator section of th...
BSA Radar 1.6.7234.24750 Cross Site Request Forgery
Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Date: 2020-06-22 Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-14944 Description: The Global RADAR BSA Radar...
BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password) Vulnerability
Exploit for hardware platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-1494...
BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)
Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Date: 2020-06-22 Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-14944 Description: The Global RADAR BSA Radar...
BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation
Exploit Title: BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation Date: 2020-07-06 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14945 - Privilege Escalation Description: A privilege...
BSA Radar 1.6.7234.24750 Cross Site Scripting
Exploit title: BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting Exploit Author: William Summerhill Date: 2020-06-22 Vendor homepage: https://www.globalradar.com/ Tested on: Window CVE-2020-14943 Description: The "Firstname" and "Lastname" parameters in Global RADAR BSA Radar 1.6.7234.X...
BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Tested on: Window CVE-2020-14943 Description: The "Firstname" and "Lastname"...
BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting
Exploit title: BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting Exploit Author: William Summerhill Date: 2020-06-22 Vendor homepage: https://www.globalradar.com/ Tested on: Window CVE-2020-14943 Description: The "Firstname" and "Lastname" parameters in Global RADAR BSA Radar 1.6.7234.X...
Global RADAR BSA Radar Cross-Site Scripting Vulnerability
Global RADAR BSA Radar is a suite of anti-money laundering AML solutions for the financial sector from US-based Global RADAR. A cross-site scripting vulnerability exists in the 'Firstname' and 'Lastname' parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier versions. The vulnerability...
Global RADAR BSA Radar Elevation of Privilege Vulnerability
Global RADAR BSA Radar is a suite of anti-money laundering AML solutions for the financial sector from US-based Global RADAR. A security vulnerability exists in Global RADAR BSA Radar 1.6.7234.24750 and prior versions. An attacker can exploit this vulnerability by modifying SaveUser data to...
Global RADAR BSA Radar Unnamed Vulnerability
Global RADAR BSA Radar is a suite of anti-money laundering AML solutions for the financial sector from US-based Global RADAR. A security vulnerability exists in Global RADAR BSA Radar version 1.6.7234.24750 and prior versions that stems from the program's lack of effective authorization controls...
CVE-2020-14946
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath...
CVE-2020-14946
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath...
CVE-2020-14944
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable functions are exposed: ChangePassword, SaveUserProfile, and GetUser...
CVE-2020-14943
The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting XSS via Update User Profile...
CVE-2020-14945
A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights i.e., the BankAdmin role via modified SaveUser data...