6 matches found
SIPS 0.2.2 User Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7134/info It has been reported that authentication is not required to view user account information. As a result, an unauthorized remote attacker may be able to view potentially sensitive information. This may aid in...
Adobe Flash Player <= 10.1.51 Local File Access Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38517/info Adobe Flash Player is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. package com.lavakumar.imposter...
Alienvault Open Source SIEM (OSSIM) - Timestamp Directory Traversal
Alienvault Open Source SIEM OSSIM - Timestamp Directory Traversal source: https://www.securityfocus.com/bid/62899/info Open Source SIEM OSSIM is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker ...
Aibolit - Information Disclosure
source: https://www.securityfocus.com/bid/59053/info Aibolit is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. http://www.example.com/AI-BOLIT-REPORT--.html...
Verax NMS - Multiple Method Authentication Bypass
source: https://www.securityfocus.com/bid/58334/info Verax NMS is prone to multiple security-bypass and information disclosure vulnerabilities. Attackers can exploit these issues to bypass certain security restrictions, perform unauthorized actions, and obtain sensitive information; this may aid ...
212Cafe WebBoard 2.90 Beta - view.php Directory Traversal
212Cafe WebBoard 2.90 Beta - view.php Directory Traversal source: https://www.securityfocus.com/bid/44510/info 212cafe WebBoard is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Remote attackers can use a specially crafted request with...