11 matches found
EUVD-2015-6476
Malware in sbrugna...
EUVD-2015-6477
Malware in sbrugna...
CVE-2015-6538
The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL...
Design/Logic Flaw
The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL...
CVE-2015-6537
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL...
Sql injection
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL...
CVE-2015-6538
CVE-2015-6538 affects Epiphany Cardio Server login page: improper handling of authentication requests enables an LDAP injection via a crafted URL, bypassing access controls. Impacted versions are 3.3, 4.0, and 4.1, potentially allowing unauthenticated attackers to bypass authentication and access...
CVE-2015-6537
The CVE-2015-6537 issue affects Epiphany Cardio Server 3.3, where an SQL injection in the login page URL allows an unauthenticated attacker to execute SQL commands that can lead to administrator access. CERT/ENISA documentation indicates the vulnerability enables login as an administrator and aff...
CVE-2015-6537
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL...
CVE-2015-6538
The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL...
Epiphany Cardio Server is vulnerable to SQL and LDAP injection
Overview The Epiphany Cardio Server is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights. Description Epiphany Cardio Server was reported as being vulnerable to the following issues:CWE-89: Improper Neutralization of Special Elements...