CVE-2009-4192

Directory traversal vulnerability in dialog/filemanager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. dot dot in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

EUVD-2009-4162

Malware in sbrugna...

ABB Central Licensing System Permissions, Privileges, and Access Controls (CVE-2020-8476)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

ABB Central Licensing System Improper Restriction of XML External Entity Reference (CVE-2020-8479)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

ABB Central Licensing System Uncontrolled Resource Consumption (CVE-2020-8475)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

ABB Central Licensing System Exposure of Sensitive Information to an Unauthorized Actor (CVE-2020-8481)

For ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

PT-2022-2322 · Wso2 · Wso2 Identity Server Analytics +5

Name of the Vulnerable Software and Affected Versions: WSO2 API Manager versions 2.2.0 through 4.0.0 WSO2 Identity Server versions 5.2.0 through 5.11.0 WSO2 Identity Server Analytics versions 5.4.0, 5.4.1, 5.5.0, and 5.6.0 WSO2 Identity Server as Key Manager versions 5.3.0 through 5.11.0 WSO2...

CVE-2020-8481

For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

CVE-2020-8475

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

Code injection

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

CVE-2020-8481 ABB Central Licensing System - Information disclosure

For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

CVE-2020-8481

CVE-2020-8481 concerns ABB Ability System 800xA and related ABB CLS/OLC ecosystem components. The root cause is confidential data written in an unprotected file, enabling an attacker to read sensitive data and potentially take full control of the affected node. Reported affected products span mul...

CVE-2020-8471

CVE-2020-8471 affects ABB Central Licensing System (CLS) across multiple ABB products (800xA, Compact HMI, Symphony Plus, Harmony/Melody components, Knowledge Manager, etc.). The root issue is weak file permissions on the CLS, allowing an authenticated attacker to block license handling, escalate...

CVE-2020-8471 ABB Central Licensing System - Weak File Permissions

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

CVE-2020-8479 ABB Central Licensing System - XML External Entity Injection

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

CVE-2020-8476 ABB Central Licensing System - Elevation of Privilege Vulnerability

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

CVE-2020-8476

CVE-2020-8476 affects ABB CLS across ABB Ability System 800xA and related components, where a weakness in input validation in the Central Licensing Server allows an attacker to alter licenses assigned to system nodes. Reported impact is license manipulation (credentials/permissions could be misap...

Interspire Knowledge Manager 5 'p' Parameter Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36541/info Interspire Knowledge Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive...

Interspire Knowledge Manager 5 'callback.snipshot.php' Arbitrary File Creation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38186/info Interspire Knowledge Manager is prone to a vulnerability that allows attackers to create arbitrary files on a vulnerable computer. An attacker may exploit this issue to create arbitrary files, which may then be...

Interspire Knowledge Manager 5.1.3 - Multiple Remote Vulnerabilities

Interspire Knowledge Manager 5.1.3 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/38090/info Interspire Knowledge Manager is prone to multiple SQL-injection vulnerabilities, a cross-site scripting vulnerability, and an information-disclosure vulnerability. Exploiting...