Lucene search
+L

49 matches found

Openbugbounty
Openbugbounty
added 2018/02/12 6:25 p.m.14 views

download.pmi.it IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-558096 Description| Value ---|--- Affected Website:| download.pmi.it Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure bas...

6.4AI score
Exploits0
NVD
NVD
added 2016/01/15 8:59 p.m.24 views

CVE-2016-1911

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...

6.1CVSS6AI score0.0102EPSS
Exploits0References5
Prion
Prion
added 2016/01/15 8:59 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...

4.3CVSS6.1AI score0.0102EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/04/10 12:0 a.m.37 views

IBM WebSphere Application Server < 6.0.2.33 Multiple Vulnerabilities

IBM WebSphere Application Server 6.0.2 before Fix Pack 33 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Provided an attacker has valid credentials, it may be possible to hijack an authenticated session. PK66676 - The PerfServlet code...

6.2CVSS6AI score0.01764EPSS
Exploits0References6
Prion
Prion
added 2009/02/17 5:30 p.m.18 views

Open redirect

Unspecified vulnerability in the Performance Monitoring Infrastructure PMI feature in the Servlet Engine/Web Container component in IBM WebSphere Application Server WAS 6.1.x before 6.1.0.19, when a component statistic is enabled, allows attackers to cause a denial of service daemon crash via...

5CVSS6.7AI score0.01157EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/02/17 5:0 p.m.50 views

CVE-2008-4285

CVE-2008-4285 affects IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19, specifically the Servlet Engine/Web Container PMI feature. When a component statistic is enabled, it allows a denial of service (daemon crash) via vectors described as a gradual degradation in performance. No expl...

5CVSS6.3AI score0.01157EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/02/12 12:0 a.m.24 views

IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws

IBM WebSphere Application Server 6.1 before Fix Pack 21 appears to be running on the remote host. As such, it is reportedly affected by multiple flaws : - Provided Performance Monitoring Infrastructure PMI is enabled, it may be possible for a local attacker to obtain sensitive information through...

1.9CVSS5.5AI score0.00321EPSS
Exploits0References5
Prion
Prion
added 2009/02/10 10:30 p.m.17 views

Design/Logic Flaw

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure PMI is enabled, allows local users to obtain sensitive information by reading the 1...

1.9CVSS5.7AI score0.0145EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2009/02/10 10:13 p.m.54 views

CVE-2009-0434

PerfServlet in IBM WebSphere Application Server (WAS) PMI/Performance Tools is affected: when PMI is enabled, a local attacker can read systemout.log and ffdc files to obtain sensitive information. Affected versions include WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0....

1.9CVSS5.5AI score0.00321EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder