5 matches found
The vulnerability of the SPNEGO security mechanism for Microsoft Windows operating systems allows a perpetrator to disclose protected information.
The vulnerability of the SPNEGO NEGOEX security mechanism for Microsoft Windows operating systems is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
PT-2022-4220 · Yokogawa · Exaopc +5
Name of the Vulnerable Software and Affected Versions: CENTUM CS 3000 versions R3.08.10 through R3.09.00 CENTUM VP versions R4.01.00 through R4.03.00 CENTUM VP versions R5.01.00 through R5.04.20 CENTUM VP versions R6.01.00 through R6.09.00 Exaopc versions R3.72.00 through R3.80.00 B/M9000 CS...
CVE-2021-36061
Adobe Connect version 11.2.2 and earlier is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-29136. Reason: This candidate is a reservation duplicate of CVE-2020-29136. Notes: All CVE users should reference CVE-2020-29136 instead of this candidate. All references and descriptions in this candidate have been removed t...
大汉通版cms上传设计缺陷
简要描述: RT 详细说明: WooYun: 大汉jiep信息交换平台某处越权及sql注入 根据wefgod牛的测试站点进行测试得到的。 http://www.dx.gansu.gov.cn/cms/common/filechoose/filedialog.jsp?webappcode=A61&filetype=1&webapppath=freeform&uploadpath=../../../ 具体%00截图没有绕过上传jsp等脚本文件。 但是如果cms在iis下面可以触发iis解析漏洞,所以还是存在威胁的。 漏洞证明: Content-Disposition: form-data;...