Lucene search
+L

13 matches found

cnvd
cnvd
added 2017/08/22 12:0 a.m.4 views

Micro Focus Enterprise Developer and Enterprise Server Path Traversal Vulnerability

Micro Focus Enterprise Developer and Enterprise Server are both products of Micro Focus, a British company.Micro Focus Enterprise Developer is a set of integrated development environments for the mainframe.Enterprise Server is a production deployment platform for mainframe programs. Enterprise...

6.5CVSS6.6AI score0.01785EPSS
Exploits0References1
cnvd
cnvd
added 2017/08/22 12:0 a.m.5 views

Micro Focus Enterprise Developer and Enterprise Server Cross-Site Scripting Vulnerability

Micro Focus Enterprise Developer and Enterprise Server are both products of Micro Focus, a British company.Micro Focus Enterprise Developer is a set of integrated development environments for the mainframe.Enterprise Server is a production deployment platform for mainframe programs. Enterprise...

5.4CVSS5.3AI score0.0097EPSS
Exploits0References1
nvd
nvd
added 2017/08/21 3:29 p.m.19 views

CVE-2017-7424

A Path Traversal CWE-22 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is...

6.5CVSS6.2AI score0.01785EPSS
Exploits0References1
prion
prion
added 2017/08/21 3:29 p.m.14 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CWE-352 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes...

6.8CVSS8.6AI score0.00751EPSS
Exploits0References1Affected Software2
nvd
nvd
added 2017/08/21 3:29 p.m.24 views

CVE-2017-7423

A Cross-Site Request Forgery CWE-352 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes...

8.8CVSS8.7AI score0.00751EPSS
Exploits0References1
osv
osv
added 2017/08/21 3:29 p.m.5 views

CVE-2017-7423

A Cross-Site Request Forgery CWE-352 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes...

8.8CVSS5.8AI score0.00751EPSS
Exploits0References1
osv
osv
added 2017/08/21 3:29 p.m.5 views

CVE-2017-7424

A Path Traversal CWE-22 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is...

6.5CVSS5.9AI score0.01785EPSS
Exploits0References1
prion
prion
added 2017/08/21 3:29 p.m.18 views

Cross site scripting

Reflected and stored Cross-Site Scripting XSS, CWE-79 vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms CWE-693 and other...

3.5CVSS5.4AI score0.0097EPSS
Exploits0References1Affected Software2
osv
osv
added 2017/08/21 3:29 p.m.5 views

CVE-2017-7422

Reflected and stored Cross-Site Scripting XSS, CWE-79 vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms CWE-693 and other...

5.4CVSS5.8AI score0.0097EPSS
Exploits0References1
cvelist
cvelist
added 2017/08/21 3:0 p.m.28 views

CVE-2017-7423

A Cross-Site Request Forgery CWE-352 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes...

8.7AI score0.00751EPSS
Exploits0References1
cvelist
cvelist
added 2017/08/21 3:0 p.m.17 views

CVE-2017-7422

Reflected and stored Cross-Site Scripting XSS, CWE-79 vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms CWE-693 and other...

5.5AI score0.0097EPSS
Exploits0References1
cve
cve
added 2017/08/21 3:0 p.m.59 views

CVE-2017-7422

The CVE-2017-7422 entry concerns Micro Focus Enterprise Developer and Enterprise Server (ESM/ESMAN) with the esfadmingui component. It documents reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui affecting version 2.3, including 2.3 Update 1 before Hotfix 8 and...

5.4CVSS5.4AI score0.0097EPSS
Exploits0References1Affected Software2
cve
cve
added 2017/08/21 3:0 p.m.49 views

CVE-2017-7424

CVE-2017-7424 is a Path Traversal (CWE-22) vulnerability in esfadmingui of Micro Focus Enterprise Developer and Enterprise Server . It affects version 2.3, specifically 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9 . The flaw enables remote authenticated users to download arbitrar...

6.5CVSS6.2AI score0.01785EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder