901 matches found
CVE-2013-5426
Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 IF11 allows remote authenticated users to hijack web sessions via...
CVE-2013-5426
CVE-2013-5426 affects IBM InfoSphere Master Data Management - Collaborative Edition (11.0, 10.1, 10.0) and IBM InfoSphere Master Data Management Server for Product Information Management (9.0, 9.1). The issue is a session-fixation vulnerability that could allow an authenticated attacker to hijack...
CVE-2013-4036
CVE-2013-4036 affects IBM InfoSphere Master Data Management products: InfoSphere Master Data Management Server for Product Information Management (PIM) versions 9.0/9.1 and Collaborative Edition (MDMCS) versions 10.0/10.1/11.0. The vulnerability is an XSS due to improper validation of user-suppli...
Debian Security Advisory DSA 2694-1 (spip - privilege escalation)
A privilege escalation vulnerability has been found in SPIP, a website engine for publishing, which allows anyone to take control of the website. OpenVAS Vulnerability Test $Id: deb2694.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2694-1 using nvtgen 1.0 Script...
CVE-2013-0478
The CVE-2013-0478 entry describes an XSS vulnerability in IBM InfoSphere Master Data Management – Collaborative Edition (versions 10.0 and 10.1 before FP1) and InfoSphere Master Data Management Server for Product Information Management (versions 6.0, 9.0, 9.1). The flaw allows remote authenticate...
Microsoft Visual Studio Team Foundation Server / Azure DevOps Server Detection
The remote host is running Microsoft Visual Studio Team Foundation Server or Azure DevOps Server. This software is a suite of tools for collaborative software development. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description...
Cortana scripting language introduced for Cobalt Strike and Armitage
At DEFCON 20, Raphael Mudge, the developer of Armitage, released the most significant update to Armitage. Armitage is now fully scriptable and capable of hosting bots in a collaborative hacking engagement. Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC based company that creat...
Startup CrowdStrike Launches Crowd-Sourced Platform for Malware Analysis
Venture funded startup CrowdStrike has launched a new platform that will allow security researchers to work collaboratively to reverse engineer and analyze malicious code. The new platform, CrowdRE, was designed to resemble conventional software version control systems, with features that allow...
[SECURITY] Fedora 17 Update: FlightGear-2.6.0-2.fc17
The Flight Gear project is working to create a sophisticated flight simulator framework for the development and pursuit of interesting flight simulator ideas. We are developing a solid basic sim that can be expanded and improved upon by anyone interested in contributing...
phpMyBible 0.5.1 Cross Site Scripting
Exploit Title: phpMyBible 0.5.1 Mutiple XSS Date: 04/15/12 Author: G13 Twitter: @g13net Software http://sourceforge.net/projects/phpmybible/?source=directory Version: 0.5.1 Category: webapps php Description phpMyBible is an online collaborative project to make an e-book of the Holy Bible in as...
phpMyBible 0.5.1 Mutiple XSS
Exploit Title: phpMyBible 0.5.1 Mutiple XSS Date: 04/15/12 Author: G13 Twitter: @g13net Software http://sourceforge.net/projects/phpmybible/?source=directory Version: 0.5.1 Category: webapps php Description phpMyBible is an online collaborative project to make an e-book of the Holy Bible in as...
Collaborative Passwords Manager (cPassMan) Remote Command Execution
cPassMan is prone to a remote command execution vulnerability because it fails to properly sanitize user-supplied input. Successful exploitation allows execution of arbitrary commands and possibly compromise of the affected application. cPassMan 1.82 is vulnerable; other versions may also be...
DerbyCon 2011 Security Conference - Louisville, Kentucky
DerbyCon 2011 Security Conference - Louisville, Kentucky Welcome to a new age in security conferences, a new beginning, and a new way to share in the information security space. Our goal is to create a fun environment where the security community can come together and share ideas. Before we even...
Novell GroupWise Client IMG Tag SRC Parameter Buffer Overflow (CVE-2007-6435)
Novell GroupWise is a client-server collaborative software and email system provided by Novell. The Novell GroupWise Client application is capable of communicating with Novell Group server, as well as Internet email gateways using SMTP, POP, and IMAP protocols. A buffer overflow vulnerability has...
cPassMan 1.82 - Arbitrary File Download
cPassMan 1.82 - Arbitrary File Download Sense of Security - Security Advisory - SOS-11-004 Release Date. 15-Apr-2011 Last Update. - Vendor Notification Date. 7-Mar-2011 Product. Collaborative Passwords Manager cPassMan Platform. Independent PHP Affected versions. 1.82 verified, and possibly other...
CVE-2010-4497
Cross-site scripting (XSS) vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4498
Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL...
CVE-2010-4499
Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Session fixation
Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors...