2 matches found
CVE-2014-9575
VDG Security SENSE formerly DIVA before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : colon character in the Authorization HTTP header...
CVE-2014-9575
CVE-2014-9575 affects VDG Security SENSE (formerly DIVA) before 2.3.15. A crafted encoded colon in the Authorization header allows remote attackers to bypass authentication and read/modify arbitrary plugin settings. Remediation: upgrade to 2.3.16 (or later) per available changelog. The reports co...