9 matches found
Code Execution Vulnerability in FineCMS Frontend
FineCMS is a content management system based on PHP+MySql. A code execution vulnerability exists in the frontend of FineCMS version 5.x, which can be exploited by an attacker to execute arbitrary code via a constructed statement...
CollabNet Subversion Edge insecure password change
Vuln Title: The CollabNet Subversion Edge management frontend does not require current password upon password change Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Insecure password change...
CollabNet Subversion Edge tail local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...
CollabNet Subversion Edge show local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via "fileName" parameter of the show action Date: 10.10.2014 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local file...
CollabNet Subversion Edge Hook Script Privilege Escalation
Vuln Title: The CollabNet Subversion Edge Management Frontend SVN hook scripts privilege escalation Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Privilege escalation design flaw CVE :...
CollabNet Subversion Edge indes local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "listViewItem" parameter of the "index" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge missing XSRF protection
Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement XSRF protection tokens Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: XSRF Risk: Low Status: public/fixed Fix...
CollabNet Subversion Edge Management Tail LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...
CollabNet Subversion Edge Management downloadHook LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...