8 matches found
EUVD-2002-0483
Malware in sbrugna...
CVE-2002-0486
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges...
CVE-2002-0487
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache...
CVE-2002-0487
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache...
CVE-2002-0486
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges...
CVE-2002-0486
Affected: Intellisol Xpede 4.1. The CVE-2002-0486 entry describes that the product stores authentication information in cookies using weak encryption, enabling local access to cookies to escalate privileges. Root cause: weak encryption used for cookie-stored credentials. Impact: according to NVD ...
CVE-2002-0487
CVE-2002-0487 affects Intellisol Xpede 4.1, where passwords are stored in plaintext within a Javascript “session timeout” re-authentication capability. The underlying issue is plaintext password storage in a source file/cache accessible to the local user, enabling a local attacker to read credent...
Xpede passwords exposed (2 vuln.)
Passwords exposed in Intellisol XPede ========================== About Xpede ========= quote from http://www.workforceroi.com/solutions/pa/index.shtml "Intellisol Xpede is a browser-based time and expense entry and project cost management module designed to connect a remote workforce on a real-...