60 matches found
CVE-2021-36697
With an admin account, the .htaccess file in Artica Pandora FMS =755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP...
CVE-2021-36697
With an admin account, the .htaccess file in Artica Pandora FMS =755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP...
CVE-2021-36697
With an admin account, the .htaccess file in Artica Pandora FMS =755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP...
CVE-2020-5832
Symantec Data Center Security Manager Component, prior to 6.8.2 aka 6.8 MP2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected...
CVE-2020-5832
Symantec Data Center Security Manager Component, prior to 6.8.2 aka 6.8 MP2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected...
The vulnerability of the Manager component in the real-time data synchronization tool Oracle GoldenGate, which allows a hacker to trigger a service failure.
The vulnerability of the Manager component in the real-time data synchronization tool Oracle GoldenGate relates to the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending an incorrect command during the TCP connection...
CVE-2018-2914
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate subcomponent: Manager. Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate...
Unspecified Vulnerability in Oracle GoldenGate (CNVD-2018-24118)
Oracle GoldenGate is the United States Oracle Oracle company for real-time data integration and replication in IT environments, a comprehensive software package, which supports real-time data integration, transactional change data capture, data services, transformation and validation capabilities...
TIBCO Security Advisory: May 1, 2018 - TIBCO DataSynapse GridServer -2017-5536
TIBCO DataSynapse GridServer manager component vulnerable to cross-site scripting attacks Original release date: May 1,2018 Last revised: -- CVE-2017-5536 Source: TIBCO Software Inc. TIBCO DataSynapse GridServer manager component vulnerable to cross-site scripting attacks Original release date: M...
Vulnerabilitie in JP1/IT Desktop Management 2 - Manager and JP1/NETM/DM
Overview A Remote Command Execution Vulnerability was found in JP1/IT Desktop Management 2 - Manager and JP1/NETM/DM. Impact Remote attackers might exploit this vulnerability to execute arbitrary commands. Solution Please refer to the 'Vendor Information' section for the official countermeasure a...
CVE-2014-9229
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection SEP before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role...
CVE-2014-9227
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection SEP before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory...
Joomla Media Manager File Upload Vulnerability
This Metasploit module exploits a vulnerability found in Joomla 2.5.x up to 2.5.13, as well as 3.x up to 3.1.4 versions. The vulnerability exists in the Media Manager component, which comes by default in Joomla, allowing arbitrary file uploads, and results in arbitrary code execution. The module...
CVE-2013-1183
Buffer overflow in the Intelligent Platform Management Interface IPMI functionality in the Manager component in Cisco Unified Computing System UCS 1.0 and 1.1 before 1.11j and 1.2 before 1.21b allows remote attackers to execute arbitrary code via malformed data in a UDP packet, aka Bug ID...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow 1 remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow 2 remote...
Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability
This vulnerability allows remote attackers to inject arbitrary SQL into the backend database on vulnerable installations of Cisco Unified CM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Call Manager component. The system exposes an Apache...
CVE-2010-0114
fwcharts.php in the reporting module in the Manager aka SEPM component in Symantec Endpoint Protection SEP 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request...
CVE-2009-1964
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2009-0979
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975...