20 matches found
EUVD-2014-5025
Malware in sbrugna...
EUVD-2014-5034
Malware in sbrugna...
EUVD-2014-5036
Malware in sbrugna...
CVE-2014-5138
Innovative Interfaces Sierra Library Services Platform 1.23 does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass parameter validation via unspecified vectors, possibly related to the Webpac Pro submodule...
CVE-2014-5138
Innovative Interfaces Sierra Library Services Platform 1.23 does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass parameter validation via unspecified vectors, possibly related to the Webpac Pro submodule...
CVE-2014-5138
CVE-2014-5138 concerns the Sierra Library Services Platform (1.2_3) where the application mishandles multiple instances of the same query parameter, enabling an attacker to bypass parameter validation via crafted requests. The issue is tied to the Webpac Pro submodule in some configurations. Publ...
Innovative WebPAC Pro 2.0 Open Redirect
Innovative WebPAC Pro 2.0 Unvalidated Redirects and Forwards URL Redirection Security Vulnerabilities Exploit Title: Innovative WebPAC Pro 2.0 /showres url parameter URL Redirection Security Vulnerabilities Vendor: Innovative Interfaces Inc Product: WebPAC Pro Vulnerable Versions: 2.0 Tested...
Sierra Library Services Platform Multiple Vulnerability Disclosure
Product: Sierra Library Services Platform Vendor: Innovative Interfaces Inc Vulnerable Version: 1.23 Tested Version: 1.23 Vendor Notification: June 19, 2014 Public Disclosure: August 26, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5136 Risk Level: Medium CVSSv2 Ba...
Encore Discovery Solution Multiple Vulnerability Disclosure
Product: Encore Discovery Solution Vendor: Innovative Interfaces Inc Vulnerable Version: 4.3 Tested Version: 4.3 Vendor Notification: June 19, 2014 Public Disclosure: August 26, 2014 Vulnerability Type: Open Redirect CWE-601 CVE Reference: CVE-2014-5127 Risk Level: Medium CVSSv2 Base Score: 4.3...
VTLS Virtua InfoStation.cgi - SQL Injection
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '87206' ssvid version = '1.0' author = 'feng' vulDate = '2014-10-20' createDate =...
CVE-2014-5137
Innovative Interfaces Sierra Library Services Platform 1.23 provides different responses for login request depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of login requests, possibly related to the Webpac Pro submodule...
CVE-2014-5137
The Sierra Library Services Platform (Product: Sierra Library Services Platform; Vendor: Innovative Interfaces Inc) 1.2_3 is affected by CVE-2014-5137 due to a login response discrepancy that differs based on whether a user account exists. This behavior enables remote attackers to enumerate valid...
CVE-2014-5136
Sierra Library Services Platform (Product: Sierra LSP) v1.2_3 is affected by CVE-2014-5136, a reflected cross-site scripting (XSS) vulnerability. The issue arises from unsanitized data in application query parameters, allowing an attacker to inject arbitrary JavaScript in the victim’s browser via...
CVE-2014-5128
The vulnerability CVE-2014-5128 affects Encore Discovery Solution 4.3 from Innovative Interfaces Inc. The advisory details that the product “places a session token in the URI,” exposing the session token via GET parameters and creating potential information leakage through unspecified vectors. Th...
CVE-2014-5127
CVE-2014-5127 is an Open Redirect vulnerability in Encore Discovery Solution 4.3 by Innovative Interfaces Inc. Attackers can redirect users to attacker-controlled sites via a crafted URL parameter, enabling phishing attempts. The SecurityVulns entry confirms product, vulnerable version (4.3), and...
CVE-2014-5127
Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter...
CVE-2014-5128
Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI, which might allow remote attackers to obtain sensitive information via unspecified vectors...
CVE-2014-5127
Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter...
Open redirect
Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter...
Information disclosure
Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI, which might allow remote attackers to obtain sensitive information via unspecified vectors...