21 matches found
EUVD-2012-4861
Malware in sbrugna...
EUVD-2012-4860
Malware in sbrugna...
EUVD-2012-4862
Malware in sbrugna...
EUVD-2012-4863
Malware in sbrugna...
EUVD-2012-4875
Malware in sbrugna...
CVE-2012-4950
Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
Session fixation
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
Code injection
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4935
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4938
Cross-site scripting XSS vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4935
CVE-2012-4935 : Pattern Insight 2.3 web interface contains a Cross-Site Request Forgery (CSRF) vulnerability that can allow an authenticated user to be coerced into performing actions of the attacker’s choosing. The NVD entry lists a base score of 6.8 (Medium) with network attack vector, no user ...
CVE-2012-4935
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4936
CVE-2012-4936 concerns Pattern Insight 2.3, whose web interface is vulnerable to clickjacking via a FRAME element. The CVE description from NVD states that remote attackers can conduct clickjacking against the Pattern Insight web interface, with the effect of framing the application and potential...
CVE-2012-4938
CVE-2012-4938 affects Pattern Insight 2.3 web interface. The root cause is that HTML is allowed in the banner message, enabling an authenticated administrator to inject arbitrary web script or HTML, i.e., a cross-site scripting (XSS) condition. The issue is contextual: exploitation requires exist...
CVE-2012-4937
CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...