8 matches found
EUVD-2002-0483
Malware in sbrugna...
CVE-2002-0486
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges...
CVE-2002-0487
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache...
CVE-2002-0487
CVE-2002-0487 affects Intellisol Xpede 4.1, where passwords are stored in plaintext within a Javascript “session timeout” re-authentication capability. The underlying issue is plaintext password storage in a source file/cache accessible to the local user, enabling a local attacker to read credent...
CVE-2002-0486
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges...
CVE-2002-0486
Affected: Intellisol Xpede 4.1. The CVE-2002-0486 entry describes that the product stores authentication information in cookies using weak encryption, enabling local access to cookies to escalate privileges. Root cause: weak encryption used for cookie-stored credentials. Impact: according to NVD ...
CVE-2002-0487
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache...
Xpede passwords exposed (2 vuln.)
Passwords exposed in Intellisol XPede ========================== About Xpede ========= quote from http://www.workforceroi.com/solutions/pa/index.shtml "Intellisol Xpede is a browser-based time and expense entry and project cost management module designed to connect a remote workforce on a real-...