22 matches found
EUVD-2015-2774
Malware in sbrugna...
EUVD-2015-7895
Malware in sbrugna...
CVE-2015-7999
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-7999
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-7999
CVE-2015-7999 describes multiple SQL injection vulnerabilities in Citrix Command Center’s Administration Web UI servlets, affecting 5.1 Build 36.7 and 5.2 Build 44.11 prior builds. The root cause is insufficient input handling during SQL statement construction, enabling remote authenticated users...
Citrix Systems Command Center SQL Injection Vulnerability
Citrix Systems Command Center is a suite of centralized management software for Citrix products from Citrix Systems USA. The software configures or monitors system health from a single console and provides device discovery, device log auditing, and device performance monitoring. A SQL injection...
Citrix Command Center Information Disclosure Vulnerability
Citrix Command Center provides centralized management of Branch Repeater products deployed across the network. A security vulnerability exists in Citrix Command Center that allows a remote attacker to submit a conf/securitydbData.xml request to obtain sensitive information...
Citrix Command Center Arbitrary Code Execution Vulnerability
Citrix Command Center provides centralized management of Branch Repeater products deployed across the network. Citrix Command Center fails to properly restrict access to Advent Java Management Extensions JMX, which allows remote attackers to exploit a vulnerability to execute arbitrary code via...
CVE-2015-2683
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions JMX Servlet, which allows remote attackers to execute arbitrary code via unspecified vectors to servlets/Jmxdynamic...
CVE-2015-2682
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml...
Design/Logic Flaw
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml...
CVE-2015-2683
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions JMX Servlet, which allows remote attackers to execute arbitrary code via unspecified vectors to servlets/Jmxdynamic...
CVE-2015-2682
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml...
KLA10522 Multiple vulnerabilities in Citrix CC
Multiple serious vulnerabilities have been found in Citrix Controle Center. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper access restrictions can be exploited remotely via an...
Advent JMX Servlet of Citrx Command Center is accessible to unauthenticated users
------------------------------------------------------------------------ Advent JMX Servlet of Citrx Command Center is accessible to unauthenticated users ------------------------------------------------------------------------ Han Sahin, August 2014...
Citrix Command Center authentication bypass
Advent JMX is accessible...
Citrx Command Center Advent JMX Servlet Accessible
------------------------------------------------------------------------ Advent JMX Servlet of Citrx Command Center is accessible to unauthenticated users ------------------------------------------------------------------------ Han Sahin, August 2014...
Citrix Command Center Configuration Disclosure
------------------------------------------------------------------------ Citrix Command Center allows downloading of configuration files ------------------------------------------------------------------------ Han Sahin, August 2014...
Citrix Command Center - Credential Disclosure Vulnerability
It was discovered that Citrix Command Center stores configuration files containing credentials of managed devices within a folder accessible through the web server. Unauthenticated attackers can download any configuration file stored in this folder, decode passwords stored in these files, and gai...