18 matches found
CVE-2021-41083
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc., that, when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...
EUVD-2021-28232
Malicious code in bioql PyPI...
CVE-2024-2097
An authenticated malicious client can send a special LINQ query to execute arbitrary code remotely (RCE) on the SCM server from List control, and execute the arbitrary code on the same system where SCMArchivedEventViewerTool is installed in the case of SCM Tools...
CVE-2024-2097
An authenticated malicious client can send a special LINQ query to execute arbitrary code remotely (RCE) on the SCM server from List control, and execute the arbitrary code on the same system where SCMArchivedEventViewerTool is installed in the case of SCM Tools...
CVE-2024-2097
An authenticated malicious client can send a special LINQ query to execute arbitrary code remotely (RCE) on the SCM server from List control, and execute the arbitrary code on the same system where SCMArchivedEventViewerTool is installed in the case of SCM Tools...
CVE-2024-2097
CVE-2024-2097 affects Hitachi Energy MACH SCM Server. An authenticated malicious client can use the SCM List control to submit a crafted LINQ query and remotely execute arbitrary code on the SCM Server (the host running SCMArchivedEventViewerTool). The vulnerability path relies on authenticated a...
PT-2024-18819 · Unknown · Scm Server
Name of the Vulnerable Software and Affected Versions: SCM Server (affected versions not specified). Description: The issue allows an authenticated malicious client to send a special LINQ query to execute arbitrary code remotely on the SCM Server, which an attacker would not otherwise have...
CVE-2021-41083
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc., that, when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...
IBM Business Process Manager Cross-Site Scripting Vulnerability (CNVD-2016-01477)
IBM Business Process Manager (BPM) is a comprehensive business process management platform from IBM in the United States. The platform provides a range of tools for business process modeling, assembly, monitoring and deployment. A cross-site scripting vulnerability exists in the...
CVE-2016-0227
Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, and 8.5.5 and 8.5.6 through 8.5.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, and 8.5.5 and 8.5.6 through 8.5.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
CVE-2016-0227
Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, and 8.5.5 and 8.5.6 through 8.5.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass
No description provided by source...
Cisco ASA 8.x - VPN SSL Module Clientless URL-list control Bypass
INTERNET SECURITY AUDITORS ALERT 2009-013 - Original release date: December 7th, 2009 - Last revised: December 16th, 2009 - Discovered by: David Eduardo Acosta Rodriguez - Severity: 4/10 CVSS Base Score I...
Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass
Exploit for unknown platform in category remote exploits. Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass. Title: Cisco ASA <= 8.x VPN SSL module...
CA BrightStor ARCserve Backup r11.5 ActiveX Remote BOF Exploit
No description provided by source. HTML !-- CA BrightStor ARCserve Backup r11.5 AddColumn 0day ActiveX Remote Buffer Overflow Exploit Bug discovered by Krystian Kloskowski h07 [email protected] Tested on: - CA BrightStor ARCserve Backup r11.5 ftp://ftp.ca.com/priv/trial/BABr11/BABLDr115/BABLDr115.zi...
CA BrightStor ARCserve Backup r11.5 ActiveX Remote BOF Exploit 0day
No description provided by source. HTML !-- CA BrightStor ARCserve Backup r11.5 AddColumn 0day ActiveX Remote Buffer Overflow Exploit Bug discovered by Krystian Kloskowski h07 [email protected] Tested on: - CA BrightStor ARCserve Backup r11.5 ftp://ftp.ca.com/priv/trial/BABr11/BABLDr115/BABLDr115.zi...
CA BrightStor ARCserve Backup r11.5 - ActiveX Remote Buffer Overflow
CA BrightStor ARCserve Backup r11.5 - ActiveX Remote Buffer Overflow Tested on: - CA BrightStor ARCserve Backup r11.5 ftp://ftp.ca.com/priv/trial/BABr11/BABLDr115/BABLDr115.zip - IE 6 - XP SP2 Polish Details:.. Filename: CA\DSM\bin\ListCtrl.ocx File description: Unicenter DSM r11 List Control ATX...