27 matches found
CVE-2022-3927
The affected products store both public and private key that are used to sign and protect Custom Parameter Set CPS file from modification. An attacker that manages to exploit this vulnerability will be able to change the CPS file, sign it so that it is trusted as the legitimate CPS file. This iss...
CVE-2022-3927 The affected products store public and private key that are used to sign and protect custom parameter set files from modification.
The affected products store both public and private key that are used to sign and protect Custom Parameter Set CPS file from modification. An attacker that manages to exploit this vulnerability will be able to change the CPS file, sign it so that it is trusted as the legitimate CPS file. This iss...
Hitachi FOXMAN-UN 信任管理问题漏洞
Hitachi FOXMAN-UN is a powerful toolset for a comprehensive NMS suite from Hitachi, Japan. A security vulnerability exists in Hitachi FOXMAN-UN, which stems from the fact that it contains public and private keys used to sign and protect Custom Parameter Sets CPS files from modification, allowing ...
CVE-2022-25611
Authenticated Stored Cross-Site Scripting XSS in Simple Event Planner plugin = 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &customaddseg...
WordPress plugin uListing SQL injection vulnerability
The WordPress plugin uListing is a directory and listing plugin based on Vue.js. A SQL injection vulnerability exists in the custom parameter of the WordPress plugin uListing 2.0.3 and earlier versions. No details of the vulnerability are currently available...
WordPress 插件 SQL注入漏洞
The WordPress plugin uListing is a directory and listing plugin based on Vue.js. A SQL injection vulnerability exists in the custom parameter of the WordPress plugin uListing 2.0.3 and earlier versions. No details of the vulnerability are currently available...
Automated application scanning: handling complicated logins with AppScan (only!)
Ory Segal @orysegal from IBM Rational reached out with a simpler method to handle this natively in AppScan. It involves configuring AppScan to add a custom parameter to each request. For the sample case in the authexamples GitHub repository it would be handled like this...