81 matches found
CVE-2017-8016
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application...
CVE-2017-8016
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application...
EMC RSA Archer GRC Platform Cross-Site Scripting Vulnerability
EMC RSA Archer GRC Platform is an enterprise IT governance and compliance governance product from EMC Corporation USA. The product enables the development of eGRC programs for managing enterprise risk, automating business processes, and more. A cross-site scripting vulnerability exists in EMC RSA...
Qualys Cloud Platform 2.30 New Features
This release of the Qualys Cloud Platform version 2.30 includes updates and new features for Cloud Agent, EC2 Connector, Web Application Scanning, Web Application Firewall, and Security Assessment Questionnaire, highlights as follows. This posting has been updated on 9/6/2017 and 10/25/2017 to...
Qualys Cloud Platform 2.28 New Features
This release of the Qualys Cloud Platform version 2.28 includes updates and new features for Cloud Agent, AssetView, ThreatPROTECT, Security Assessment Questionnaire and Web Application Scanning, highlights as follows: Cloud Agent Cloud Agent AIX Beta – beta release of Qualys Cloud Agent supporti...
Dynamic Questionnaire: Accelerate Quick and Efficient Responses with Question Gating
As you roll out Security Assessment Questionnaire to your vendors and internal stakeholders, it is necessary to avoid lengthy questionnaires containing many sections with questions that are not relevant to their area of work. It is important that respondents don’t get overwhelmed and spend a lot ...
Qualys Cloud Platform 2.26 New Features
This release of the Qualys Cloud Platform version 2.26 includes updates and new features for Cloud Agent, AssetView, Security Assessment Questionnaire and Web Application Scanning as follows: Highlights Cloud Agent Platform View Module Activation Job Status – adds a button in Agent Management tab...
TYPO3 Questionnaire Extension Information Disclosure Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF maintained by the Swiss TYPO3 Association. questionnaire is one of the questionnaire extension plugins. An information disclosure vulnerability exists in TYPO3 Questionnaire extension version 2.5.8 and earlier. An attacke...
Information Disclosure in extension "Questionnaire" (ke_questionnaire)
It has been discovered that the extension "Questionnaire" kequestionnaire is susceptible to Information Disclosure. Release Date: May 31, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.5.8 and below...
Design/Logic Flaw
IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite aka Atlas Policy Suite do not properly validate...
CVE-2010-4957
SQL injection vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4956
Cross-site scripting XSS vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4957
SQL injection vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4956
Cross-site scripting XSS vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4957
CVE-2010-4957 affects the TYPO3 ke_questionnaire extension prior to version 2.2.3. The vulnerability is a SQL injection in the extension that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Root cause details are limited to the generic SQL injection description ...
CVE-2010-4956
Cross-site scripting XSS vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4957
SQL injection vulnerability in the Questionnaire kequestionnaire extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections
Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections source: https://www.securityfocus.com/bid/49210/info Code Widgets Multiple Question - Multiple Choice Online Questionaire is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize...
Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections
source: https://www.securityfocus.com/bid/49210/info Code Widgets Multiple Question - Multiple Choice Online Questionaire is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...