26 matches found
Dell powerflex presentation server data forgery issue vulnerability
DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...
Dell EMC PowerFlex数据伪造问题漏洞
DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...
USN-4792-1 freeipa vulnerabilities
It was discovered that FreeIPA incorrectly handled certificates. An attacker could possibly use this issue to cause a denial of service by revoking arbitrary certificates This issue only affected Ubuntu 16.04 ESM. CVE-2016-5404 It was discovered that FreeIPA incorrectly handled authentication...
CVE-2019-14808
An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data unencrypted to a server without an integrity check, if a user changes personal data in his profile tab e.g., exposure of his birthday or logs into his account i.e., exposure of credentials...
Job Links - Arbitrary File Upload
Job Links - Arbitrary File Upload Exploit Title: Job Links - Complete Job Management Script - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/job-links-complete-job-management-script/20672089 Demo:...
CVE-2007-6497
Hosting Controller 6.1 Hot fix 3.3 and earlier 1 allows remote attackers to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters; and 2 allows remote authenticated users to change a credit amount and increase a discount via an...