Lucene search
+L

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2689

Malware in sbrugna...

6.5CVSS6.6AI score0.06902EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2690

Malware in sbrugna...

6.5CVSS6.6AI score0.06606EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2691

Malware in sbrugna...

5.4CVSS5.7AI score0.02427EPSS
Exploits3References7
NVD
NVD
added 2016/04/22 10:59 a.m.25 views

CVE-2016-1596

Multiple cross-site scripting XSS vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain 1 user name, 2 tfaClientFirstName, 3 tfaClientLastName, 4 taselectedTopicContent, 5 tforgUnitName, 6...

5.4CVSS5.2AI score0.02427EPSS
Exploits3References5
NVD
NVD
added 2016/04/22 10:59 a.m.27 views

CVE-2016-1595

LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language HQL injection attacks and obtain sensitive information via the entityName parameter...

6.5CVSS6.3AI score0.06606EPSS
Exploits3References5
NVD
NVD
added 2016/04/22 10:59 a.m.26 views

CVE-2016-1594

Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a 1 downloadLogFiles or 2 downloadFile action...

6.5CVSS6.1AI score0.06902EPSS
Exploits3References5
Prion
Prion
added 2016/04/22 10:59 a.m.20 views

Deserialization of untrusted data

Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a 1 downloadLogFiles or 2 downloadFile action...

4CVSS6.4AI score0.06902EPSS
Exploits3References5Affected Software1
Prion
Prion
added 2016/04/22 10:59 a.m.21 views

Directory traversal

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...

6.5CVSS7.2AI score0.64142EPSS
Exploits7References8Affected Software1
NVD
NVD
added 2016/04/22 10:59 a.m.24 views

CVE-2016-1593

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...

7.2CVSS7AI score0.64142EPSS
Exploits7References8
Prion
Prion
added 2016/04/22 10:59 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain 1 user name, 2 tfaClientFirstName, 3 tfaClientLastName, 4 taselectedTopicContent, 5 tforgUnitName, 6...

3.5CVSS5.6AI score0.02427EPSS
Exploits3References5Affected Software1
CVE
CVE
added 2016/04/22 10:0 a.m.70 views

CVE-2016-1596

CVE-2016-1596 affects Micro Focus/Novell Service Desk prior to 7.2, where multiple XSS flaws exist. Remote authenticated users can inject arbitrary web script or HTML via (1) user name, (2) tf_aClientFirstName, (3) tf_aClientLastName, (4) ta_selectedTopicContent, (5) tf_orgUnitName, (6) tf_aManuf...

5.4CVSS5.5AI score0.02427EPSS
Exploits3References5Affected Software1
CVE
CVE
added 2016/04/22 10:0 a.m.60 views

CVE-2016-1593

CVE-2016-1593 affects Micro Focus/Novell Service Desk prior to 7.2. A directory traversal flaw in the import users feature allows a remote authenticated administrator to upload and execute arbitrary JSP files via a .. (dot dot) in a filename in a multipart/form-data POST to LiveTime.woa, enabling...

7.2CVSS6.9AI score0.64142EPSS
Exploits7References8Affected Software1
Cvelist
Cvelist
added 2016/04/22 10:0 a.m.32 views

CVE-2016-1596

Multiple cross-site scripting XSS vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain 1 user name, 2 tfaClientFirstName, 3 tfaClientLastName, 4 taselectedTopicContent, 5 tforgUnitName, 6...

5.7AI score0.02427EPSS
Exploits3References5
Cvelist
Cvelist
added 2016/04/22 10:0 a.m.31 views

CVE-2016-1593

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...

7AI score0.64142EPSS
Exploits7References8
Cvelist
Cvelist
added 2016/04/22 10:0 a.m.35 views

CVE-2016-1594

Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a 1 downloadLogFiles or 2 downloadFile action...

6.2AI score0.06902EPSS
Exploits3References5
Rows per page
Query Builder