Lucene search
K

7 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:58 p.m.47 views

K49033153: Apache Syncope vulnerabilities CVE-2018-1321 and CVE-2018-1322

Security Advisory Description CVE-2018-1321 An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations XSLT to perform malicious operations,...

7.2CVSS6.2AI score0.20502EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/09/15 12:0 a.m.108 views

Apache Syncope 2.0.7 Remote Code Execution

Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows Advisory: https://syncope.apache.org/security CVE:...

6.5CVSS0.3AI score0.20502EPSS
Exploits4
0day.today
0day.today
added 2018/09/15 12:0 a.m.76 views

Apache Syncope 2.0.7 Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows...

6.5CVSS6.7AI score0.20502EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/09/13 12:0 a.m.57 views

Apache Syncope 2.0.7 - Remote Code Execution

Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows Advisory: https://syncope.apache.org/security CVE:...

7.2CVSS7AI score0.20502EPSS
Exploits4
exploitpack
exploitpack
added 2018/09/13 12:0 a.m.67 views

Apache Syncope 2.0.7 - Remote Code Execution

Apache Syncope 2.0.7 - Remote Code Execution Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows Advisory:...

6.5CVSS0.3AI score0.20502EPSS
Exploits4
OSV
OSV
added 2018/03/20 5:29 p.m.13 views

CVE-2018-1322

An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters...

4.9CVSS5.5AI score0.20502EPSS
Exploits4References3
CVE
CVE
added 2018/03/20 5:0 p.m.94 views

CVE-2018-1322

CVE-2018-1322 affects Apache Syncope: 1.2.x before 1.2.11, 2.0.x before 2.0.8, and some unsupported releases (1.0.x, 1.1.x). The vulnerability allows an administrator with user-search entitlements to recover sensitive security values by manipulating the fiql and orderby parameters. The provided d...

4.9CVSS5.2AI score0.20502EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder