118 matches found
CVE-2017-6623
A vulnerability in a script file that is installed as part of the Cisco Policy Suite CPS Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file...
CVE-2017-6623
CVE-2017-6623 describes a local privilege-escalation in Cisco Policy Suite (CPS) on CPS appliances. The root cause is incorrect sudoers permissions on a script file installed with CPS, enabling an authenticated local user to supply crafted CLI input and execute commands as root, thereby gaining r...
Cisco Policy Suite Privilege Escalation Vulnerability
A vulnerability in a script file that is installed as part of the Cisco Policy Suite CPS Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file...
cpsenergy.com XSS vulnerability
Vulnerable URL: https://cpsenergy.com/en/solrsearch.html?q=prompt/XSSPOSED/...
cps.unizar.es XSS vulnerability
Vulnerable URL: http://www.cps.unizar.es/ori/students/index.php?page=location" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
Description Apache Struts is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Apache Struts 1.0 through...
CVE-2016-1357
CVE-2016-1357 affects Cisco Policy Suite (CPS) password-management administration component. The vulnerability allows remote attackers to bypass RBAC and read unspecified data via unknown vectors (Bug ID CSCut85211). Affected CPS versions include 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, a...
CVE-2016-0232
CVE-2016-0232 affects IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) in the 3.0.0.x line (and related multi‑platform/ACH/Check/CPS deployments). An authenticated remote attacker could obtain sensitive information by reading README fil...
helpdesk.cps-datensysteme.de XSS vulnerability
Open Bug Bounty ID: OBB-113127 Description| Value ---|--- Affected Website:| helpdesk.cps-datensysteme.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
RHEL 5 : xinetd (RHSA-2013:1302)
An updated xinetd package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Low: Red Hat Security Advisory: xinetd security and bug fix update
An updated xinetd package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : xinetd on SL6.x i386/x86_64 (20130221)
When xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS' type, and the tcpmux-server service is enabled, those services are accessible via port 1. It was found that enabling the tcpmux-server service it is disabled by default allowed every xinetd service, including those that are not...
xinetd security update
CentOS Errata and Security Advisory CESA-2013:0499 An updated xinetd package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CV...
RedHat Update for xinetd RHSA-2013:0499-02
Check for the Version of xinetd OpenVAS Vulnerability Test RedHat Update for xinetd RHSA-2013:0499-02 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CVE-2006-2141
Cross-site scripting XSS vulnerability in popupimage in Collaborative Portal Server CPS 3.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pos argument...
CVE-2006-2141
CVE-2006-2141 describes a cross-site scripting (XSS) vulnerability in the popup_image function of Collaborative Portal Server (CPS) up to version 3.4.0 and earlier. The issue allows an attacker to inject arbitrary web script or HTML by supplying a malicious value in the pos parameter. The connect...
CPS <=3.4.0 XSS
CPS =3.4.0 XSS Vuln. discovered by : r0t Date: 30 april 2006 vendorlink:http://www.cps-project.org/ affected versions:3.4.0 and prior orginal avdisory: http://pridels.blogspot.com/2006/04/cps-340-xss.html Vuln. Description: CPS contains a flaw that allows a remote cross site scripting attack. Thi...
CVE-2005-3800
The CVE concerns Macromedia Contribute Publishing Server (CPS) prior to version 1.11 that uses a weak algorithm to encrypt user passwords within connection keys that rely on shared FTP login credentials. The underlying issue enables disclosure of sensitive information by an attacker who can acces...