10 matches found
CVE-2024-41980
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive...
Siemens Opcenter Quality
SUMMARY The Opcenter Quality is affected by multiple vulnerabilities in the SmartClient modules Opcenter QL Home SC, SOA Audit and SOA Cockpit. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...
CVE-2011-4670
Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...
CVE-2008-3101
Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...
CVE-2008-3101
Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...
PHPFullAnnu Home.Module.PHP远程文件包含漏洞
PHPFullAnnu是一款基于PHP的WEB应用程序。 PHPFullAnnu不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Home.Module.PHP'脚本对用户提交的'repmod'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 phpFullAnnu phpFullAnnu 5.1 http://pfa.netsliver.com/fr/actus.html http://www.example.com/Script...
PHPFullAnnu Home.Module.PHP参数远程文件包含漏洞
PHPFullAnnu是一款基于PHP的WEB应用程序。 PHPFullAnnu不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Home.Module.PHP'脚本对用户提交的'repmod'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 phpFullAnnu phpFullAnnu 5.1 http://pfa.netsliver.com/fr/actus.html http://www.example.com/Script...
phpFullAnnu 5.1 - repmod Remote File Inclusion
phpFullAnnu 5.1 - repmod Remote File Inclusion ============================================================================================== phpFullAnnu = v5.1 repmod Remote File Inclusion Exploit ===============================================================================================...