5 matches found
EUVD-2013-2913
Malware in sbrugna...
Security Bulletin: TADDM - BIRT viewer allow bypass authorization
Summary TADDM fails to properly check for authorization when allowing a user to view BIRT reports. It is possible to bypass authorization in the application via parameters manipulation in the BIRT reporting URL. Vulnerability Details CVE-2013-2974 BIRT viewer allow bypass authorization Descriptio...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the Jammer module before 6.x-1.8 and 7.x-1.x before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete a setting for 1 hidden form elements or 2 status messages via unspecifi...
CVE-2013-2974
The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager TADDM 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted...
Authorization
The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager TADDM 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted...