
3542 matches found

Prion
added 2013/08/23 4:55 p.m. | 18 views

Cross site request forgery (csrf)

Request Tracker RT 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors...

CVSS: 6 | AI score: 6.6 | EPSS: 0.01634
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2013/08/23 4:55 p.m. | 3 views

UBUNTU-CVE-2012-4733

Request Tracker RT 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors...

CVSS: 6 | AI score: 7.3 | EPSS: 0.01634
Exploits: 0 | References: 2

Cvelist
added 2013/08/23 4:0 p.m. | 25 views

CVE-2012-4733

Request Tracker RT 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors...

AI score: 8.2 | EPSS: 0.01634
Exploits: 0 | References: 4

CVE
added 2013/08/23 4:0 p.m. | 58 views

CVE-2012-4733

CVE-2012-4733 affects Request Tracker (RT) 4.x prior to 4.0.13. The issue is an improper enforcement of the DeleteTicket and “custom lifecycle transition” permissions, allowing remote authenticated users who have the ModifyTicket permission to delete tickets via unspecified vectors. The connected...

CVSS: 6 | AI score: 8.1 | EPSS: 0.01634
Exploits: 0 | References: 4 | Affected Software: 1

Debian CVE
added 2013/08/23 4:0 p.m. | 27 views

CVE-2012-4733

Request Tracker RT 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors...

CVSS: 6 | AI score: 8 | EPSS: 0.01634
Exploits: 0

Prion
added 2013/07/29 1:59 p.m. | 16 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.02105
Exploits: 0 | References: 6 | Affected Software: 1

securityvulns
added 2013/07/29 12:0 a.m. | 58 views

[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03864640 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03864640 Version: 1 HPSBGN02906 rev....

CVSS: 4.3 | EPSS: 0.02105
Exploits: 0

securityvulns
added 2013/07/29 12:0 a.m. | 34 views

HP Application Lifecycle Management crossite scripting

HP Application Lifecycle Management Quality Center crossite scripting...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.02105
Exploits: 0 | References: 1 | Affected Software: 1

ATTACKERKB
added 2013/07/17 1:41 p.m. | 2 views

CVE-2013-3822

Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote attackers to affect integrity via unknown vectors related to Web Client CS...

CVSS: 4.3 | AI score: 5.5 | EPSS: 0.0138
Exploits: 0 | References: 7

ThreatPost
added 2012/12/05 5:9 p.m. | 5 views

Trusteer: More Chrome, 64-bit Windows Malware to Come in 2013

Tis the season for predictions and security firm Trusteer checks in today with a handful for the upcoming New Year. In a post on the company’s blog, CTO Amit Klein distills Trusteer’s top ideas into an infographic,. The company predicts the security landscape will see more exploits, specifically...

AI score: 0.4
Exploits: 0 | References: 5

Exploit DB
added 2012/10/10 12:0 a.m. | 23 views

HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

AI score: 7
Exploits: 0

Saint
added 2012/10/09 12:0 a.m. | 28 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 | BID: 55272 | OSVDB: 85059 | Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

AI score: 0.1
Exploits: 0

Saint
added 2012/10/09 12:0 a.m. | 41 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 | BID: 55272 | OSVDB: 85059 | Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

AI score: 0.1
Exploits: 0

0day.today
added 2012/10/09 12:0 a.m. | 14 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution

Exploit for windows platform in category remote exploits. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

AI score: 6.7
Exploits: 0

Saint
added 2012/10/09 12:0 a.m. | 36 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 | BID: 55272 | OSVDB: 85059 | Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

AI score: 7.6
Exploits: 0

Saint
added 2012/10/09 12:0 a.m. | 23 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 | BID: 55272 | OSVDB: 85059 | Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

AI score: 7.6
Exploits: 0

0day.today
added 2012/09/25 12:0 a.m. | 31 views

HP ALM Remote Code Execution

Exploit for windows platform in category remote exploits. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

AI score: 6.7
Exploits: 0

Metasploit
added 2012/09/24 8:0 a.m. | 11 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution

This module exploits a vulnerability within the XGO.ocx ActiveX Control installed with the HP Application Lifecycle Manager Client. The vulnerability exists in the SetShapeNodeType method, which allows the user to specify memory that will be used as an object, through the node parameter. It allow...

AI score: 10
Exploits: 0

ThreatPost
added 2012/09/20 3:19 p.m. | 12 views

Disconnect Between Application Development and Security Getting Wider

There is a widening gulf between application developers and security decision makers inside the enterprise, and it’s starting to cost companies serious money. Sure there’s been lots of talk about the need for better static and dynamic web application testing tools and the need for a formalized...

AI score: 8.1
Exploits: 0 | References: 3

Saint
added 2012/09/13 12:0 a.m. | 33 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType Method Vulnerability

Added: 09/13/2012 | BID: 55272 | OSVDB: 85152 | Background: HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

AI score: 7.6
Exploits: 0