49 matches found
download.pmi.it IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-558096 Description| Value ---|--- Affected Website:| download.pmi.it Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure bas...
CVE-2016-1911
Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...
IBM WebSphere Application Server < 6.0.2.33 Multiple Vulnerabilities
IBM WebSphere Application Server 6.0.2 before Fix Pack 33 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Provided an attacker has valid credentials, it may be possible to hijack an authenticated session. PK66676 - The PerfServlet code...
Open redirect
Unspecified vulnerability in the Performance Monitoring Infrastructure PMI feature in the Servlet Engine/Web Container component in IBM WebSphere Application Server WAS 6.1.x before 6.1.0.19, when a component statistic is enabled, allows attackers to cause a denial of service daemon crash via...
CVE-2008-4285
CVE-2008-4285 affects IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19, specifically the Servlet Engine/Web Container PMI feature. When a component statistic is enabled, it allows a denial of service (daemon crash) via vectors described as a gradual degradation in performance. No expl...
IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws
IBM WebSphere Application Server 6.1 before Fix Pack 21 appears to be running on the remote host. As such, it is reportedly affected by multiple flaws : - Provided Performance Monitoring Infrastructure PMI is enabled, it may be possible for a local attacker to obtain sensitive information through...
Design/Logic Flaw
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure PMI is enabled, allows local users to obtain sensitive information by reading the 1...
CVE-2009-0434
PerfServlet in IBM WebSphere Application Server (WAS) PMI/Performance Tools is affected: when PMI is enabled, a local attacker can read systemout.log and ffdc files to obtain sensitive information. Affected versions include WAS 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0....