Lucene search
K

25 matches found

CNVD
CNVD
added 2016/03/09 12:0 a.m.36 views

Apache Jetspeed User Management REST API Unauthorized Access Vulnerability

Jetspeed is based on Java and XML open source enterprise information portal implementation . Jetspeed can integrate a variety of data sources , through the XSL technology will be organized into a Jsp page data or Html page to the client ; Jetspeed also supports templates and content publishing...

8.8CVSS6.8AI score0.52351EPSS
Exploits5References1
Prion
Prion
added 2015/08/14 6:59 p.m.14 views

Command injection

Foreman before 1.9.0 allows remote authenticated users with the editusers permission to edit administrator users and change their passwords via unspecified vectors...

6CVSS6.5AI score0.01645EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2015/08/14 12:0 a.m.4 views

PT-2015-6112 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.9.0 Description: The issue allows remote authenticated users with the edit users permission to edit administrator users and change their passwords. An attacker with the edit users permission could use this flaw to...

6CVSS6.2AI score0.01645EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2015/08/12 5:4 a.m.5 views

foreman: edit_users permission allows changing of admin passwords

It was discovered that in Foreman the editusers permissions for example, granted to the Manager role allowed the user to edit admin user passwords. An attacker with the editusers permissions could use this flaw to access an admin user account, leading to an escalation of privileges...

6CVSS5.8AI score0.01645EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/01/06 12:0 a.m.27 views

Seagate BlackArmor NAS sg2000-2000.1331跨站请求伪造漏洞

No description provided by source. Exploit Title: Seagate BlackArmor NAS - Cross Site Request Forgery Google Dork: N/A Date: 04-01-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.seagate.com/ Software Link:...

6.8CVSS9.6AI score0.01397EPSS
Exploits6
Rows per page
Query Builder