10 matches found
EUVD-2014-4239
Malware in sbrugna...
CVE-2014-4311
Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allows attackers to obtain the 1 Database Connection and 2 E-mail Connection passwords by reading HTML source code of the database connection and email settings page...
Code injection
Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allows attackers to obtain the 1 Database Connection and 2 E-mail Connection passwords by reading HTML source code of the database connection and email settings page...
CVE-2014-4311
Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allows attackers to obtain the 1 Database Connection and 2 E-mail Connection passwords by reading HTML source code of the database connection and email settings page...
CVE-2014-4311
CVE-2014-4311 – Epicor Enterprise 7.4 (pre-FS74SP6 HotfixTL054181) : The vulnerability allows an attacker to obtain the passwords for the Database Connection and E-mail Connection by reading the HTML source of the database connection and email settings page. Root cause: passwords are exposed in t...
CVE-2014-4312
Multiple cross-site scripting XSS vulnerabilities in Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the 1 Notes section to Order details; 2 Description section to "Order to consume"; 3 Favorites name section to Favorites; 4...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the 1 Notes section to Order details; 2 Description section to "Order to consume"; 3 Favorites name section to Favorites; 4...
CVE-2014-4312
Multiple cross-site scripting XSS vulnerabilities in Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the 1 Notes section to Order details; 2 Description section to "Order to consume"; 3 Favorites name section to Favorites; 4...
CVE-2014-4312
CVE-2014-4312 affects Epicor Enterprise 7.4 prior to FS74SP6_HotfixTL054181. The issue comprises multiple cross-site scripting (XSS) vectors that allow remote attackers to inject arbitrary script/HTML via several parameters and UI fields (Notes in Order details, Description in Order to consume, F...
Epicor Enterprise 7.4 - Multiple Vulnerabilities
No description provided by source. "Epicor Enterprise vulnerabilities" - Affected vendor: Epicor Software Corporation - Affected system: Epicor Enterprise - Version 7.4 - Vendor disclosure date: May 13th, 2014 - Public disclosure date: September 30th, 2014 - Status: Fixed - Associated CVEs: 1...