EUVD-2009-2951

Malware in sbrugna...

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

Avaya Scopia Pathfinder 访问控制错误漏洞

Avaya Scopia Pathfinder is a complete firewall and NAT traversal solution from Avaya USA. An Access Control Error vulnerability exists in Avaya Scopia Pathfinder version 8.3.7.0.4, which originates from a compromised access control in user authentication, allowing an unauthenticated, remote...

CVE-2022-38168

CVE-2022-38168 affects Avaya Scopia Pathfinder 10 and 20 PTS (v8.3.7.0.4). The root cause is Broken Access Control in user authentication, enabling remote unauthenticated attackers to bypass the login page, access sensitive information, and reset passwords via URL modification. The vulnerability ...

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

Scopia XT Desktop 8.3.915.4 Cross Site Request Forgery

Exploit Title: Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery change admin password Google Dork: inurl:scopia+index.jsp Date: 2020-09-09 Exploit Author: v1n1v131r4 Vendor Homepage: https://avaya.com Software Link:...

Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)

Exploit Title: Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery change admin password Google Dork: inurl:scopia+index.jsp Date: 2020-09-09 Exploit Author: v1n1v131r4 Vendor Homepage: https://avaya.com Software Link:...

Avaya Radvision SCOPIA Desktop SQL Injection Vulnerability

Avaya Radvision SCOPIA Desktop is a high-definition desktop video software. Avaya Radvision SCOPIA Desktop suffers from a SQL injection vulnerability that originates from the program's failure to adequately validate user-supplied data prior to its utility in a SQL query. An attacker could use thi...

Avaya Radvision SCOPIA Desktop SQL Injection

https://www.osisecurity.com.au/avaya-radvision-scopia-desktop-dlgloginowneridjsp-ownerid-sql-injection.html Date: 04-Apr-2017 Product: Avaya Radvision SCOPIA Desktop Versions affected: v7.7.000.042 released in 2011 confirmed v8.2.101.046 relased in 2013 confirmed Vulnerability: Blind SQL injectio...

JVN#77697803: iVIEW Suite vulnerable to SQL injection

iVIEW Suite provided by RADVISION is a software to manage video conference systems in SCOPIA. iVIEW Suite contains a SQL injection vulnerability. Impact A remote attacker may view or alter the information on the system. Solution Update the Software Update to the latest version according to the...

CVE-2009-2965

Cross-site scripting XSS vulnerability in entry/index.jsp in Radvision Scopia 5.7, and possibly other versions before SD 7.0.100, allows remote attackers to inject arbitrary web script or HTML via the page parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in entry/index.jsp in Radvision Scopia 5.7, and possibly other versions before SD 7.0.100, allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2009-2965

Cross-site scripting XSS vulnerability in entry/index.jsp in Radvision Scopia 5.7, and possibly other versions before SD 7.0.100, allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2009-2965

CVE-2009-2965 concerns a cross-site scripting (XSS) vulnerability in the entry/index.jsp page of Radvision Scopia 5.7, with potential presence in versions prior to SD 7.0.100. Exploitation described as arbitrary web-script or HTML injection via the page parameter, potentially allowing an attacker...

Radvision's Scopia Cross Site Scripting Vulnerabilities

Radvision's Scopia Cross Site Scripting Vulnerabilities Author: Francesco Bianchino contact: f.bianchino at gmail dot com Product: Radvision's Scopia Version: 5.7 Vendor Site: http://www.radvision.com Product Support Page: http://www.radvision.com/Support/SCOPIA-57-Support/ Summary Radvision's...

Radvision Scopia 5.7 Cross Site Scripting

Radvision's Scopia Cross Site Scripting Vulnerabilities Author: Francesco Bianchino contact: f.bianchino at gmail dot com Product: Radvision's Scopia Version: 5.7 Vendor Site: http://www.radvision.com Product Support Page: http://www.radvision.com/Support/SCOPIA-57-Support/ Summary Radvision's...

Radvision Scopia - entryindex.jsp Cross-Site Scripting

Radvision Scopia - entryindex.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/44316/info Radvision Scopia is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Radvision Scopia - '/entry/index.jsp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44316/info Radvision Scopia is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...