11 matches found
EUVD-2013-4025
Malware in sbrugna...
EUVD-2013-4022
Malware in sbrugna...
CVE-2013-4095
plain/actionsets.html in the SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a command.value field in conjunction with an arguments.value field...
CVE-2013-4095
plain/actionsets.html in the SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a command.value field in conjunction with an arguments.value field...
CVE-2013-4093
The SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via 1 a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath...
Design/Logic Flaw
The Key Management feature in the SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the 1 privatekey or 2 publickey parameter in a T/keyManagement request to plain/settings.html, as demonstrated b...
Design/Logic Flaw
The SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via 1 a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath...
Design/Logic Flaw
The SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of 1 a session ID in the jsessionid field to secsphLogin.jsp or 2 credentials in the jpassword parameter to...
CVE-2013-4095
plain/actionsets.html in the SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a command.value field in conjunction with an arguments.value field...
CVE-2013-4091
Affected product: Imperva SecureSphere SOM Management Server (SOM) version 9.0.0.5. Vulnerability: The secsphLogin.jsp login page’s j_password field does not have an off autocomplete attribute, enabling password exposure on unattended workstations. Impact/Context: This condition can make it easie...
Imperva SecureSphere Operations Manager Command Execution Vulnerability
Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities. Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.201...