73 matches found
PT-2022-19934 · Snipe · Snipe-It
Name of the Vulnerable Software and Affected Versions: snipe/snipe-it versions prior to 6.0.10 Description: The issue concerns a session fixation problem where the session is not invalidated after a password change. This could potentially allow unauthorized access to user accounts. Recommendation...
EUVD-2022-38738
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of...
PT-2022-22975 · Bmc · Bmc Track-It!
Name of the Vulnerable Software and Affected Versions: BMC Track-It! version 20.21.02.109 Description: This issue allows remote attackers to disclose sensitive information on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the...
CVE-2022-0579
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9...
Track-It! 授权问题漏洞
Bmc Software Track-It! is an It helpdesk software from Bmc Software, USA. for helpdesks and service desks with asset management. A security vulnerability exists in BMC Track-It! that stems from a lack of authentication before allowing access to features. An attacker could exploit this vulnerabili...
BMC Track-It! Information Disclosure Vulnerability
BMC Track-It! is a fully integrated IT helpdesk and asset management solution for small and medium-sized businesses from BMC Software, USA. The solution provides work order tracking, change management, process automation, asset inventory and asset management. A security vulnerability exists in...
CVE-2015-3295
markdown-it before 4.1.0 does not block data: URLs...
markdown-it and NodeBB HTML Injection Vulnerabilities
markdown-it is a parser product. NodeBB is a forum system developed by the Design Create Play team and built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. An HTML injection vulnerability exists in markdown-it versions prior to 4.1.0 and NodeBB versions...
Publish-It 3.6d - Local Buffer Overflow (SEH)
Publish-It 3.6d - Local Buffer Overflow SEH !/usr/bin/python Title: Publish-It 3.6d - Buffer Overflow SEH Exploit Date: 2/16/15 Vulnerability: Discovery and PoC by Core Security http://www.exploit-db.com/exploits/31461/ Exploit Author: jakx Andrew Smith of Sword & Shield Enterprise Security Vendo...
CVE-2014-4872
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to 1 FileStorageService or 2 ConfigurationService...
Its 3rd week after attack & still CBI website remains down !
3rd week after attack & still CBI website remains down ! The website of the much sought-after Central Bureau of Investigation CBI continues to remain inactive, three weeks after it was hacked into by the so-called Pakistani Cyber Army. As a result, many have been badly hit, particularly the media...
Very rare the TXT file hung it-vulnerability warning-the black bar safety net
| TXT file in the Insert a piece of JAVA code behind the HTML code is the IE implementation of Affected versions of IE6 7 8 Code: ‘scriptalertsb/script iframe src=http://xxxxx. org width=5 0 0 height=5 0 0/iframe Presentation: Reference: http://xxxxx.org/test.txt Picture hanging horse The above...
CVE-2000-1068
pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the polloptions parameter...