8 matches found
WebUntis 2020.12.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications I. VULNERABILITY ------------------------- WebUntis 2020.12.1 - Authenticated Cross Site Scripting II. BACKGROUND ------------------------- WebUntis is a tool for schools and universities to deliver electronic timetables to their students...
WebUntis 2020.12.1 Cross Site Scripting
I. VULNERABILITY ------------------------- WebUntis 2020.12.1 - Authenticated Cross Site Scripting II. BACKGROUND ------------------------- WebUntis is a tool for schools and universities to deliver electronic timetables to their students. Depending from the activated modules it does also contain...
Samsung OTP OTP_GET_CRYPTO_DERIVED_KEY Buffer Overflow Vulnerability
Stack buffer overflow and information disclosure vulnerabilities exist in the Samsung OTP TrustZone trustlet via OTPGETCRYPTODERIVEDKEY. Stack buffer overflow and information disclosure in OTP TrustZone trustlet via OTPGETCRYPTODERIVEDKEY As a part of the KNOX extensions available on Samsung...
Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow
Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. Th...
CVE-2013-5429
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager TFIM 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway TFIMBG 6.2.2 before FP9 does not prevent reuse of One Time Password OTP tokens, which makes it easier for remote authenticated users to complet...
Authenex A-KeyASAS Web Management Control 3.1.0.2 - Blind SQL Injection
Authenex A-KeyASAS Web Management Control 3.1.0.2 - Blind SQL Injection ============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-002 - Original release date: September 21, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at...
Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Blind SQL Injection
============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-002 - Original release date: September 21, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at Foreground Security - Contact: jcarriba at foregroundsecurity dot com, dade ...
Authenex SQL Injection
============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-002 - Original release date: September 21, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at Foreground Security - Contact: jcarriba at foregroundsecurity dot com, dade ...