21 matches found
EUVD-2012-4860
Malware in sbrugna...
EUVD-2012-4862
Malware in sbrugna...
EUVD-2012-4863
Malware in sbrugna...
EUVD-2012-4861
Malware in sbrugna...
EUVD-2012-4875
Malware in sbrugna...
CVE-2012-4950
Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...
Session fixation
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4935
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4938
Cross-site scripting XSS vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
Code injection
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4935
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4950
CVE-2012-4950 is a reflected cross-site scripting vulnerability in the Keyword Search page of the Pattern Insight 2.3 web interface. The issue arises because certain characters in error-message construction are not properly escaped, allowing a remote attacker to inject arbitrary script/HTML via a...
CVE-2012-4938
CVE-2012-4938 affects Pattern Insight 2.3 web interface. The root cause is that HTML is allowed in the banner message, enabling an authenticated administrator to inject arbitrary web script or HTML, i.e., a cross-site scripting (XSS) condition. The issue is contextual: exploitation requires exist...
CVE-2012-4937
CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...
CVE-2012-4935
CVE-2012-4935 : Pattern Insight 2.3 web interface contains a Cross-Site Request Forgery (CSRF) vulnerability that can allow an authenticated user to be coerced into performing actions of the attacker’s choosing. The NVD entry lists a base score of 6.8 (Medium) with network attack vector, no user ...