17 matches found
EUVD-2014-0863
Malware in sbrugna...
oac.cdlib.org Cross Site Scripting vulnerability OBB-3895671
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ilgrifone-puglia.it Improper Access Control vulnerability OBB-3840818
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
revistabiomedica.org Improper Access Control vulnerability OBB-1303098
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
surprize-enterprize.com Improper Access Control vulnerability OBB-1270916
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Security Bulletin: Path Traversal exposure in the Save/Export function of the FTM OAC
Summary The "Save/Export" function available on all search result displays tabulated results is potentially vulnerable to a Path Traversal type attack. Vulnerability Details CVEID: CVE-2018-1847 DESCRIPTION: IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) could allow a remote attacker...
Security Bulletin: IBM Financial Transaction Manager 2.0 and 2.1 OAC vulnerabilities (CVE-2014-0830, CVE-2014-0831, CVE-2014-0832, CVE-2014-0833)
Summary IBM Financial Transaction Manager 2.0 and 2.1 OAC vulnerabilities Vulnerability Details CVE ID: CVE-2014-0830 SUMMARY: FTM 2.0 and 2.1 Table export function exposes a path traversal vulnerability DESCRIPTION: Search results in the FTM console can be exported as CSV format text files. As...
CVE-2017-12342
A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...
CVE-2017-12342
CVE-2017-12342 targets Cisco Nexus Series Switches via the Open Agent Container (OAC) feature. The root cause is insufficient internal security in OAC, allowing an unauthenticated, local attacker to craft packets that operate outside the OAC scope and potentially run code on the underlying host O...
CVE-2014-0831
Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...
Design/Logic Flaw
The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...
Directory traversal
Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value...
CVE-2014-0833
IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 is affected by CVE-2014-0833 where the OAC component does not properly enforce operator-intervention requirements, allowing an authenticated remote user to bypass intended access restrictions via an unspecified process step. The affected ...
CVE-2014-0833
The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...
CVE-2014-0830
The CVE-2014-0830 family affects IBM Financial Transaction Manager (FTM) 2.0 (before 2.0.0.3) and 2.1 (before 2.1.0.1) in the OAC component. The vulnerability is a directory traversal in the table-export function that allows an authenticated user to read arbitrary files by supplying a modified pa...
CVE-2014-0832
IBM Financial Transaction Manager 2.0/2.1 OAC contains cross-site scripting vulnerabilities in the configuration-details screens. Root cause: injected JavaScript/HTML via crafted text values; impacts authenticated users viewing those records. CVSS base 3.5. Affected: FTM 2.0 (and 2.1). Remediatio...