6 matches found
CVE-2021-36722
Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...
Sql injection
Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...
Exploit for Forced Browsing in Engineers_Online_Portal_Project Engineers_Online_Portal
CVE-2021-42671 CVE-2021-42671 - Broken access control vulnerab...
Vulnerabilities in OpenSSH affect AIX.
IBM SECURITY ADVISORY First Issued: Wed Oct 24 11:28:50 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/opensshadvisory12.asc https://aix.software.ibm.com/aix/efixes/security/opensshadvisory12.asc...
Abtp Portal Project <= 0.1.0 Local and Remote File Include Vulnerabilities
Abtp Portal Project is prone to local and remote file include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On CDSSO is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors...