13 matches found
EUVD-2016-0296
Malware in sbrugna...
Faster, more personalized service begins at the frontline with Microsoft Intune
In healthcare, patient trust often begins at the frontline with people who deliver care, respond to questions, and manage crucial in-the-moment decisions. Increasingly, those experiences are shaped by the tools frontline workers use. When devices are secure, responsive, and tailored to clinical...
Child's Day Care Management System 1.0 SQL Injection
Title: Child's Day Care Management System 1.0 SQL - Injection Author: nu11secur1ty Date: 12.16.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15085/childs-day-care-management-system-phpoop-free-source-code.html Description: The username in...
caremanagementmatters.co.uk Open Redirect vulnerability
Open Bug Bounty ID: OBB-1175270 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Security Bulletin: A Vulnerability in Apache Santuario affects IBM Cúram (CVE-2013-2172)
Summary IBM Cúram is shipped with a third party library called Santuario, which is vulnerable to a Java spoofing attack. Vulnerability Details CVEID: CVE-2013-2172 DESCRIPTION: Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure ...
Security Bulletin: Fix available for Vulnerability in Cross-Site Scripting (XSS) affecting IBM Cúram Social Program Management (CVE-2016-0261)
Summary IBM Cúram Social Program Management is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker might exploit this vulnerability by using a specially crafted URL to run a script in a victim's web browser. Vulnerability Details CVEID:...
Security Bulletin: Vulnerabilities in WSS4J affects IBM Cúram (CVE-2015-0226 & CVE-2015-0227)
Summary IBM Cúram is shipped with a third party library called WSS4J, which is vulnerable to an attack on XML Encryption. WSS4J also fails to properly enforce the requireSignedEncryptedDataElements property which leaves it vulnerable to XML Signature wrapping attacks. Vulnerability Details CVEID...
Cross site scripting
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...
CVE-2016-0261
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...
CVE-2016-0261
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...
CVE-2016-0261
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...
CVE-2016-0261
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...
ICSMA-17-009-01A_St. Jude Merlin@home Transmitter Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-009-01 St. Jude Merlin@home Transmitter Vulnerability that was published January 9, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- MedSec Holdings has identified a channel...