9 matches found
Siemens Mendix Email Connector Module Improper Access Control Vulnerability
Siemens Mendix Email Connector Module allows email to be sent and received on its own email server and adds new features such as sending signed and encrypted emails.A security vulnerability exists in Siemens Mendix Email Connector Module due to a version of the affected module that fails to...
CVE-2019-11215
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during...
CVE-2019-11215
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during...
Race condition
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during...
CVE-2019-11215
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during...
FCKeditor JSP版本 connector模块文件上传漏洞
No description provided by source...
Drupal Acquia Cloud Site Factory Connector Module Open Redirect Vulnerability
Drupal is a free and open source content management system developed in PHP. An open redirection vulnerability exists in the Drupal Acquia Cloud Site Factory Connector module, which allows an attacker to construct a malicious URI, trick users into parsing it, and redirect users to an arbitrary WE...
FCKeditor connectors模块多个跨站脚本及目录遍历漏洞
CVECAN ID: CVE-2009-2324,CVE-2009-2265 FCKeditor是一款开放源码的HTML文本编辑器。 FCKeditor没有正确地验证用户对多个connector模块所传送的输入,远程攻击者可以利用samples目录中的组件注入任意脚本或HTML,或通过目录遍历攻击上传恶意文件。 FCKeditor = 2.6.4 从editor\filemanager\connectors中删除不使用的连接器 在config.ext中禁用文件浏览器 完全删除samples目录 厂商补丁: FCKeditor ---------...
Sun One Application Server buffer overflow
Buffer overflow on oversized URI in connector module...