40 matches found
EUVD-2015-0528
Malware in sbrugna...
EMC ViPR SRM - Cross-Site Request Forgery
Exploit for php platform in category web applications !-- EMC M&R Watch4net lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R Watch4net does not protect against Cross-Site Request Forgery CSRF attacks. A successful CSRF attack can compromise end user data and may...
EMC ViPR SRM - Cross-Site Request Forgery
!-- EMC M&R Watch4net lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R Watch4net does not protect against Cross-Site Request Forgery CSRF attacks. A successful CSRF attack can compromise end user data and may allow an attacker to perform an account hijack. If th...
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014...
Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...
Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Centralized Management Console ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R multiple security vulnerabilities
Crossite scripting, insecure data storage, directory traversal, unrestricted files upload...
Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) MIB Browser Path Traversal Vulnerability
A path traversal vulnerability was found in EMC M&R Watch4net MIB Browser. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts and binaries...
EMC M&R (Watch4net) Web Portal Report Favorites XSS Vulnerability
A cross site scripting vulnerability was found in EMC M&R Watch4net Web Portal. This issue allows attackers to replace the report that is shown at startup, the attackers payload will be stored in the user's profile and will be executed every time the victim logs in...
EMC M&R (Watch4net) Device Discovery Path Traversal
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Alerting Frontend XSS
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) - Credential Disclosure Vulnerability
It was discovered that EMC M&R Watch4net credentials of remote servers stored in Watch4net are encrypted using a fixed hard-coded password. If an attacker manages to obtain a copy of the encrypted credentials, it is trivial to decrypt them. Abstract It was discovered that EMC M&R Watch4net...
EMC M&R (Watch4net) Centralized Management Console XSS Vulnerability
A cross site scripting vulnerability was found in EMC M&R Watch4net Centralized Management Console. This issue allows attackers to perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, logging their...
EMC M&R (Watch4net) - Directory Traversal Vulnerability
A path traversal vulnerability was found in EMC M&R Watch4net Device Discovery. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts and binaries. Abstract A path traversal...
EMC M&R (Watch4net) Web Portal Report Favorites XSS
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) MIB Browser Path Traversal
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Centralized Management Console XSS
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Centralized Management Console ------------------------------------------------------------------------ Han Sahin, November 2014...
EMC M&R (Watch4net) Alerting Frontend XSS Vulnerability
A cross site scripting vulnerability was found in EMC M&R Watch4net Alerting Frontend. This issue allows attackers to perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, logging their keystrokes, or exploi...