Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-1292

Malware in sbrugna...

4.3CVSS6.4AI score0.04696EPSS
Exploits2References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-1291

Malware in sbrugna...

5CVSS6.4AI score0.01818EPSS
Exploits2References8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Novell Teaming 1.0 User Enumeration Weakness and Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration weakness to enumerate valid usernames and then perfor...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/09/24 12:0 a.m.3 views

Update Protection against Novell Teaming ajaxUploadImageFile Remote Code Execution

A remote code execution vulnerability exists in Novell Teaming, a team workspace and real-time collaboration tool.The flaw is due to an input validation when parsing image uploads. A remote attacker could exploit this vulnerability by uploading a maliciously crafted file...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/08/19 12:0 a.m.3 views

Novell Teaming ajaxUploadImageFile Remote Code Execution (CVE-2010-2773)

Novell Teaming is a team workspace and real-time collaboration tool. It enables users to create, share, discuss, and manage information. A remote code execution vulnerability has been reported in Novell Teaming. The flaw is due to an input validation when parsing image uploads. A remote attacker...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2010/07/23 12:0 a.m.51 views

ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability

ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-136 July 21, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell Access Manager -- TippingPointTM IPS Customer...

1.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/20 12:0 a.m.16 views

Novell Teaming Default Credentials

The installed version of Novell Teaming hosted on the remote web server uses the default username and password to control access to its administrative console. Knowing these, an attacker can gain control of the affected application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/20 12:0 a.m.21 views

Novell Teaming Detection

The remote web server hosts Novell Teaming, a web-based collaboration application. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid47803; scriptversion"1.6"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Novell Teaming Detection"; scriptsummaryenglish:"Checks fo...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/04/21 12:0 a.m.29 views

Novell Teaming Login User Account Enumeration Weakness

The remote host is running Novell Teaming, a collaboration and conferencing application. The version of Novell Teaming installed on the remote host allows an unauthenticated remote attacker to enumerate users during the login phase because the web application responds with different messages when...

5CVSS5.5AI score0.01818EPSS
Exploits2References4
securityvulns
securityvulns
added 2009/04/17 12:0 a.m.110 views

SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming

SEC Consult Security Advisory 20090415-0 ========================================================================== title: Novell Teaming Multiple Vulnerabilities Username Enumeration Multiple Cross Site Scripting Includes vulnerable Liferay portal program: Novell Teaming vulnerable version: 1.0....

6.4AI score
Exploits0
NVD
NVD
added 2009/04/16 3:12 p.m.24 views

CVE-2009-1294

Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...

4.3CVSS5.8AI score0.04696EPSS
Exploits2References7
NVD
NVD
added 2009/04/16 3:12 p.m.24 views

CVE-2009-1293

The web login functionality c/portal/login in Novell Teaming 1.0 through SP3 1.0.3 generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

5CVSS6.6AI score0.01818EPSS
Exploits2References7
Prion
Prion
added 2009/04/16 3:12 p.m.16 views

Code injection

The web login functionality c/portal/login in Novell Teaming 1.0 through SP3 1.0.3 generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

5CVSS7.2AI score0.01818EPSS
Exploits2References7Affected Software1
Prion
Prion
added 2009/04/16 3:12 p.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...

4.3CVSS6AI score0.04696EPSS
Exploits2References7Affected Software2
Cvelist
Cvelist
added 2009/04/16 3:0 p.m.20 views

CVE-2009-1294

Multiple cross-site scripting XSS vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 ppstate or 2 ppmode parameters...

5.8AI score0.04696EPSS
Exploits2References7
Cvelist
Cvelist
added 2009/04/16 3:0 p.m.22 views

CVE-2009-1293

The web login functionality c/portal/login in Novell Teaming 1.0 through SP3 1.0.3 generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

6.6AI score0.01818EPSS
Exploits2References7
CVE
CVE
added 2009/04/16 3:0 p.m.50 views

CVE-2009-1293

The CVE-2009-1293 issue affects Novell Teaming 1.0–SP3 (1.0.3) web login (c/portal/login). The vulnerability enables remote user enumeration because the login responses differ for valid versus invalid usernames. Nessus also notes a likely related cross-site scripting risk due to unsanitized p_p_s...

5CVSS6.9AI score0.01818EPSS
Exploits2References7Affected Software1
CVE
CVE
added 2009/04/16 3:0 p.m.52 views

CVE-2009-1294

CVE-2009-1294 affects Novell Teaming 1.0 up to SP3 (1.0.3) with XSS in web/guest/home, caused by improper validation/escaping of p_p_state and p_p_mode parameters. Remote attackers can inject arbitrary scripts; impact is web-page script execution. Public details reference Liferay 4.3.0 portal con...

4.3CVSS5.9AI score0.04696EPSS
Exploits2References7Affected Software2
seebug.org
seebug.org
added 2009/04/16 12:0 a.m.40 views

Novell Teaming用户枚举和跨站脚本漏洞

BUGTRAQ ID: 34531 CVECAN ID: CVE-2009-1294,CVE-2009-1293 Novell Teaming是专为团队协同作业而设计的解决方案,内含各种企业社区网络与工作流程功能。 Novell Teaming通过以下登录表单执行用户认证: https://teaming.example.com/c/portal/login 对于有效的和无效的用户名,Web应用会返回不同的响应(Please enter a valid login/Auhtentication failed),这就允许攻击者通过字典或暴力猜测攻击推测出是否存在特定的用户名。 Novell...

5CVSS6.4AI score0.04696EPSS
Exploits3
Exploit DB
Exploit DB
added 2009/04/15 12:0 a.m.27 views

Novell Teaming 1.0 - User Enumeration / Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration weakness to enumerate valid usernames and then perform brute-force attacks; other attac...

7AI score
Exploits0
Rows per page
Query Builder