Lucene search
K

60 matches found

OSV
OSV
added 2021/11/03 12:15 p.m.4 views

CVE-2021-36697

With an admin account, the .htaccess file in Artica Pandora FMS =755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP...

6.7CVSS6.7AI score
Exploits0References3
NVD
NVD
added 2021/11/03 12:15 p.m.25 views

CVE-2021-36697

With an admin account, the .htaccess file in Artica Pandora FMS =755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP...

6.7CVSS0.00357EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/11/03 11:33 a.m.32 views

CVE-2021-36697

With an admin account, the .htaccess file in Artica Pandora FMS =755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP...

6.9AI score0.00357EPSS
Exploits1References1
OSV
OSV
added 2020/04/06 8:15 p.m.4 views

CVE-2020-5832

Symantec Data Center Security Manager Component, prior to 6.8.2 aka 6.8 MP2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected...

7.8CVSS7.1AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/06 7:22 p.m.41 views

CVE-2020-5832

Symantec Data Center Security Manager Component, prior to 6.8.2 aka 6.8 MP2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected...

8AI score0.00383EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.3 views

The vulnerability of the Manager component in the real-time data synchronization tool Oracle GoldenGate, which allows a hacker to trigger a service failure.

The vulnerability of the Manager component in the real-time data synchronization tool Oracle GoldenGate relates to the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending an incorrect command during the TCP connection...

7.8CVSS7.2AI score0.03857EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/10/17 1:31 a.m.2 views

CVE-2018-2914

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate subcomponent: Manager. Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate...

7.5CVSS5.8AI score0.03857EPSS
Exploits1References3
CNVD
CNVD
added 2018/10/17 12:0 a.m.3 views

Unspecified Vulnerability in Oracle GoldenGate (CNVD-2018-24118)

Oracle GoldenGate is the United States Oracle Oracle company for real-time data integration and replication in IT environments, a comprehensive software package, which supports real-time data integration, transactional change data capture, data services, transformation and validation capabilities...

7.5CVSS7.4AI score0.03857EPSS
Exploits1References1
Tibco
Tibco
added 2018/05/01 10:10 p.m.21 views

TIBCO Security Advisory: May 1, 2018 - TIBCO DataSynapse GridServer -2017-5536

TIBCO DataSynapse GridServer manager component vulnerable to cross-site scripting attacks Original release date: May 1,2018 Last revised: -- CVE-2017-5536 Source: TIBCO Software Inc. TIBCO DataSynapse GridServer manager component vulnerable to cross-site scripting attacks Original release date: M...

3.5CVSS6.6AI score0.00676EPSS
Exploits0Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/11/10 7:59 a.m.2 views

Vulnerabilitie in JP1/IT Desktop Management 2 - Manager and JP1/NETM/DM

Overview A Remote Command Execution Vulnerability was found in JP1/IT Desktop Management 2 - Manager and JP1/NETM/DM. Impact Remote attackers might exploit this vulnerability to execute arbitrary commands. Solution Please refer to the 'Vendor Information' section for the official countermeasure a...

10CVSS7.5AI score
Exploits0References2
Cvelist
Cvelist
added 2015/09/20 8:0 p.m.28 views

CVE-2014-9229

Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection SEP before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role...

8AI score0.01724EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/09/20 8:0 p.m.27 views

CVE-2014-9227

Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection SEP before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory...

6.6AI score0.00441EPSS
Exploits0References3
0day.today
0day.today
added 2013/08/15 12:0 a.m.34 views

Joomla Media Manager File Upload Vulnerability

This Metasploit module exploits a vulnerability found in Joomla 2.5.x up to 2.5.13, as well as 3.x up to 3.1.4 versions. The vulnerability exists in the Media Manager component, which comes by default in Joomla, allowing arbitrary file uploads, and results in arbitrary code execution. The module...

7.7AI score
Exploits0
NVD
NVD
added 2013/04/25 10:55 a.m.30 views

CVE-2013-1183

Buffer overflow in the Intelligent Platform Management Interface IPMI functionality in the Manager component in Cisco Unified Computing System UCS 1.0 and 1.1 before 1.11j and 1.2 before 1.21b allows remote attackers to execute arbitrary code via malformed data in a UDP packet, aka Bug ID...

10CVSS7.8AI score0.03596EPSS
Exploits0References1
Prion
Prion
added 2012/12/31 11:50 a.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow 1 remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow 2 remote...

4.3CVSS5.7AI score0.01185EPSS
Exploits1References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2011/04/28 12:0 a.m.76 views

Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability

This vulnerability allows remote attackers to inject arbitrary SQL into the backend database on vulnerable installations of Cisco Unified CM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Call Manager component. The system exposes an Apache...

7.5CVSS3.2AI score0.24822EPSS
Exploits1References1
Cvelist
Cvelist
added 2010/12/22 12:0 a.m.35 views

CVE-2010-0114

fwcharts.php in the reporting module in the Manager aka SEPM component in Symantec Endpoint Protection SEP 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request...

7.5AI score0.05048EPSS
Exploits0References7
Cvelist
Cvelist
added 2009/10/22 6:0 p.m.19 views

CVE-2009-1964

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

5.4AI score0.02219EPSS
Exploits0References6
NVD
NVD
added 2009/04/15 10:30 a.m.31 views

CVE-2009-0979

Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

9CVSS5.5AI score0.02153EPSS
Exploits1References5
Prion
Prion
added 2009/04/15 10:30 a.m.32 views

Design/Logic Flaw

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975...

5.5CVSS5.6AI score0.17865EPSS
Exploits3References6Affected Software2
Rows per page
Query Builder