19 matches found
CVE-2020-12712
A vulnerability based on insecure user/password encryption in the JOE job editor component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored with a user's profile...
EUVD-2014-5280
Malware in sbrugna...
CVE-2023-37272
JS7 is an Open Source Job Scheduler. Users specify file names when uploading files holding user-generated documentation for JOC Cockpit. Specifically crafted file names allow an XSS attack to inject code that is executed with the browser. Risk of the vulnerability is considered high for branch 1....
Design/Logic Flaw
JS7 is an Open Source Job Scheduler. Users specify file names when uploading files holding user-generated documentation for JOC Cockpit. Specifically crafted file names allow an XSS attack to inject code that is executed with the browser. Risk of the vulnerability is considered high for branch 1....
CVE-2023-37272 XSS vulnerability in JOC Cockpit branch 1.13
JS7 is an Open Source Job Scheduler. Users specify file names when uploading files holding user-generated documentation for JOC Cockpit. Specifically crafted file names allow an XSS attack to inject code that is executed with the browser. Risk of the vulnerability is considered high for branch 1....
ASB-A-246541702
In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
SolarWinds Orion Job Scheduler JobRouterService Improper Authorization Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service...
CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-5392 =================== "XML eXternal Entity XXE" CWE-611 vulnerability in "JobScheduler" product Vendor =================== Software- & Organisations-Service GmbH Product =================== "JobScheduler is a workload automation tool. It i...
CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in "JobScheduler"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-5391 =================== "DOM-based Cross-Site Scripting XSS" CWE-79 vulnerability in "JobScheduler" product Vendor =================== Software- & Organisations-Service GmbH Product =================== "JobScheduler is a workload automation...
CVE-2014-5393 Path Traversal to Sensitive Files in Webroot in "JobScheduler"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-5393 =================== "Path Traversal to Sensitive Files in Webroot" CWE-219 vulnerability in "JobScheduler" product Vendor =================== Software- & Organisations-Service GmbH Product =================== "JobScheduler is a workload...
JobScheduler Multiple Vulnerabilities (Oct 2014)
JobScheduler is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-5392
XML External Entity XXE vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference...
CVE-2014-5392
XML External Entity XXE vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference...
CVE-2014-5392
JobScheduler is affected by an XML External Entity (XXE) vulnerability (CVE-2014-5392). Affected versions are before 1.6.4246 and before 1.7.4241. An attacker can cause denial of service and read arbitrary files via an XML entity in requests. Patches are available for 1.6.x and 1.7.x lines (upgra...
CVE-2014-5391
Cross-site scripting XSS vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property location.hash...
CVE-2014-5393
Directory traversal vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property location.hash...
CVE-2014-5391
Cross-site scripting XSS vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property location.hash...
CVE-2014-5393
Directory traversal vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors...