Design/Logic Flaw

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL...

Sql injection

Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2010-4498

The CVE-2010-4498 entry concerns a vulnerability in the TIBCO Collaborative Information Manager (CIM) server and ActiveCatalog prior to versions 8.1.0 and 1.0.1, respectively. The issue is described as an unspecified vulnerability that allows remote attackers to modify data or obtain sensitive in...

CVE-2010-4496

Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2010-4499

CVE-2010-4499 affects the Collaborative Information Manager server (and ActiveCatalog) prior to versions 8.1.0 and 1.0.1, respectively. The issue is a session fixation vulnerability that allows remote attackers to hijack web sessions via unspecified vectors. The provided documents consistently de...

CVE-2010-4496

CVE-2010-4496 involves multiple SQL injection vulnerabilities in the Collaborative Information Manager server, as used in TIBCO CIM before 8.1.0 and ActiveCatalog before 1.0.1. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected component/versions...

CVE-2010-4499

Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors...

CVE-2010-4497

Cross-site scripting XSS vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-4498

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL...

Passman Detection

This host is running Collaborative Passwords Manager, a Passwords Manager dedicated for managing passwords in a collaborative way. OpenVAS Vulnerability Test $Id: gbpassmandetect.nasl 5735 2017-03-27 12:27:20Z cfi $ Passman Detection Authors: Michael Meyer Copyright: Copyright c 2010 Greenbone...

Collaborative Passwords Manager (cPassMan) Detection

This host is running Collaborative Passwords Manager cPassMan, a Passwords Manager dedicated for managing passwords in a collaborative way. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Collaborative Passwords Manager (cPassMan) Multiple Local File Include Vulnerabilities

cPassMan is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user- supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. Th...

Entrans SQL Injection

Exploit Title: Entrans SQLi vulnerablility Date: 2010/9/27 Author: keracker Software Link: http://sourceforge.net/projects/entrans/ Software Description: Entrans is an online collaborative translation tool used for editing and translation of PO files. It provides features such as dynamic'' keyboa...

Entrans - SQL Injection

Exploit Title: Entrans SQLi vulnerablility Date: 2010/9/27 Author: keracker Software Link: http://sourceforge.net/projects/entrans/ Software Description: Entrans is an online collaborative translation tool used for editing and translation of PO files. It provides features such as dynamic'' keyboa...

Collaborative Passwords Manager 1.07 Local File Inclusion

Collaborative Passwords Manager 1.07 Multiple Local Include Exploit Found by sh00t0ut Expl: Vendor: http://code.google.com/p/cpassman/downloads/list http://victim/?SESSIONuserlanguage=etc/passwd%00 http://victim/sources/admin.queries.php?SESSIONuserlanguage=etc/passwd%00...

Collaborative Passwords Manager 1.07 - Multiple Local File Inclusions

Collaborative Passwords Manager 1.07 Multiple Local Include Exploit Found by sh00t0ut Expl: Vendor: http://code.google.com/p/cpassman/downloads/list http://victim/?SESSIONuserlanguage=etc/passwd%00 http://victim/sources/admin.queries.php?SESSIONuserlanguage=etc/passwd%00...

ACollab Multiple Vulnerabilities

Exploit for php platform in category web applications ================================ ACollab Multiple Vulnerabilities ================================ www.BugReport.ir AmnPardaz Security Research Team Title: ACollab Multiple Vulnerabilities Vendor: http://www.atutor.ca/acollab Vulnerable Versio...

DSA-2041-1 mediawiki - cross-site request forgery

Bulletin has no description...

CentOS 5 : subversion (CESA-2009:1203)

Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Subversion SVN is a concurrent version control system which enables one or mo...

SAP Cfolders Stored Cross Site Scripting

Digital Security Research Group DSecRG Advisory DSECRG-09-014 Original advisory: http://dsecrg.com/pages/vul/show.php?id=114 Application: SAP Cfolders included in: SAP SRM, SAP ECC, SAP Knowledge Management and SAP NetWeaver cRooms Vendor URL: http://SAP.com Bugs: Multiple Stored XSS Risk: Hight...