4 matches found
CVE-2020-27858
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D 16.5. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity...
Xxe
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D 16.5. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity...
Arcserve D2D getNews XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity XXE...
CVE-2008-2901
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS FCMS 1.4 allow remote authenticated users to execute arbitrary SQL commands via the 1 address parameter to addressbook.php, the 2 getnews parameter to familynews.php, and the 3 pollid parameter to home.php in a results...