Lucene search
+L

13 matches found

nvd
nvd
added 2013/12/23 10:55 p.m.22 views

CVE-2013-4414

Cross-site scripting XSS vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form...

4.3CVSS5.7AI score0.01795EPSS
Exploits0References3
nvd
nvd
added 2013/12/23 10:55 p.m.23 views

CVE-2013-4404

cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors...

6.5CVSS5.8AI score0.01885EPSS
Exploits0References3
nvd
nvd
added 2013/12/23 10:55 p.m.27 views

CVE-2013-4461

SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."...

7.5CVSS8.2AI score0.01891EPSS
Exploits0References3
prion
prion
added 2013/12/23 10:55 p.m.22 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests...

6.8CVSS7.7AI score0.00986EPSS
Exploits0References3Affected Software1
prion
prion
added 2013/12/23 10:55 p.m.21 views

Sql injection

SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."...

7.5CVSS9AI score0.01891EPSS
Exploits0References3Affected Software1
cve
cve
added 2013/12/23 10:0 p.m.71 views

CVE-2013-4405

Consolidated information shows CVE-2013-4405 affects Red Hat Enterprise MRG Grid 2.4, specifically the cumin web interface. The issue is Cross-Site Request Forgery (CSRF) vulnerabilities that could allow a remote attacker to hijack the authentication of cumin users for unspecified requests. Conne...

6.8CVSS7.3AI score0.00986EPSS
Exploits0References3Affected Software1
cve
cve
added 2013/12/23 10:0 p.m.70 views

CVE-2013-4404

CVE-2013-4404 affects cumin in Red Hat Enterprise MRG Grid 2.4, where user roles are not properly enforced. This allows remote authenticated users to bypass role restrictions and access privileged information or perform privileged operations via unspecified vectors (impact described as partial co...

6.5CVSS5.8AI score0.01885EPSS
Exploits0References3Affected Software1
cve
cve
added 2013/12/23 10:0 p.m.66 views

CVE-2013-4461

CVE-2013-4461 is a SQL injection vulnerability in the cumin web interface of Red Hat Enterprise MRG Grid 2.4. The issue arises from how cumin parses POST request data, allowing a remote attacker (authenticated) to perform SQL injection against cumin’s database. Affected component: cumin in MRG Gr...

7.5CVSS8.5AI score0.01891EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2013/12/23 10:0 p.m.40 views

CVE-2013-4405

Multiple cross-site request forgery CSRF vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests...

7.2AI score0.00986EPSS
Exploits0References3
cvelist
cvelist
added 2013/12/23 10:0 p.m.26 views

CVE-2013-4404

cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors...

5.8AI score0.01885EPSS
Exploits0References3
cve
cve
added 2013/12/23 10:0 p.m.66 views

CVE-2013-4414

CVE-2013-4414 affects Red Hat Enterprise MRG Grid 2.4, specifically the cumin web interface. The vulnerability arises because input from the Max allowance field in the Set limit form is not properly escaped, allowing remote attackers to inject arbitrary web script or HTML (XSS). The issue is miti...

4.3CVSS5.8AI score0.01795EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2013/12/23 10:0 p.m.45 views

CVE-2013-4461

SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."...

8.2AI score0.01891EPSS
Exploits0References3
redhat
redhat
added 2013/12/17 6:28 p.m.6 views

cumin: CSRF protection does not work

Multiple cross-site request forgery CSRF vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests...

6.8CVSS5.8AI score0.00986EPSS
Exploits0References4
Rows per page
Query Builder