21 matches found
EUVD-2012-4861
Malware in sbrugna...
EUVD-2012-4863
Malware in sbrugna...
EUVD-2012-4875
Malware in sbrugna...
EUVD-2012-4860
Malware in sbrugna...
EUVD-2012-4862
Malware in sbrugna...
CVE-2012-4950
Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...
Code injection
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4935
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4938
Cross-site scripting XSS vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...
Session fixation
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4935
CVE-2012-4935 : Pattern Insight 2.3 web interface contains a Cross-Site Request Forgery (CSRF) vulnerability that can allow an authenticated user to be coerced into performing actions of the attacker’s choosing. The NVD entry lists a base score of 6.8 (Medium) with network attack vector, no user ...
CVE-2012-4936
CVE-2012-4936 concerns Pattern Insight 2.3, whose web interface is vulnerable to clickjacking via a FRAME element. The CVE description from NVD states that remote attackers can conduct clickjacking against the Pattern Insight web interface, with the effect of framing the application and potential...
CVE-2012-4937
CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...
CVE-2012-4950
CVE-2012-4950 is a reflected cross-site scripting vulnerability in the Keyword Search page of the Pattern Insight 2.3 web interface. The issue arises because certain characters in error-message construction are not properly escaped, allowing a remote attacker to inject arbitrary script/HTML via a...
CVE-2012-4935
Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...