Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-0374

Malware in sbrugna...

6.8CVSS6.4AI score0.00704EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0373

Malware in sbrugna...

4.3CVSS6.4AI score0.01151EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.28 views

Serena Dimensions CM跨站脚本漏洞

Bugtraq ID:65976 CVE ID:CVE-2014-0335 Serena Dimensions CM是一款项目计划管理工具。 Serena Dimensions CM存在多个跨站脚本漏洞,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 Serena Dimensions CM 12.2 Build 7.199.0 web client 目前没有详细解决方案提供: http://www.serena.com/index.php/en/products/featured-products/dimensions-cm/...

4.3CVSS6.6AI score0.01151EPSS
Exploits1
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.23 views

Serena Dimensions CM跨站请求伪造漏洞

Bugtraq ID:65981 CVE ID:CVE-2014-0336 Serena Dimensions CM是一款项目计划管理工具。 Serena Dimensions CM存在一个跨站请求伪造漏洞,允许远程攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作。 0 Serena Dimensions CM 12.2 Build 7.199.0 web client 目前没有详细解决方案提供: http://www.serena.com/index.php/en/products/featured-products/dimensions-cm/ html !--...

6.8CVSS6.6AI score0.00704EPSS
Exploits1
NVD
NVD
added 2014/03/06 11:55 a.m.13 views

CVE-2014-0336

Cross-site request forgery CSRF vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the usernewmaster parameter to the adminconsole/ URI...

6.8CVSS7.1AI score0.00704EPSS
Exploits1References1
NVD
NVD
added 2014/03/06 11:55 a.m.14 views

CVE-2014-0335

Multiple cross-site scripting XSS vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the 1 DBCONN, 2 DBNAME, 3 DMHOST, 4 MANDBNAME, 5 framecmd, 6 identifier, 7 merant.adm.adapters.AdmDialogPropertyMgr, 8...

4.3CVSS5.8AI score0.01151EPSS
Exploits1References1
Prion
Prion
added 2014/03/06 11:55 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the 1 DBCONN, 2 DBNAME, 3 DMHOST, 4 MANDBNAME, 5 framecmd, 6 identifier, 7 merant.adm.adapters.AdmDialogPropertyMgr, 8...

4.3CVSS6.1AI score0.01151EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2014/03/06 11:55 a.m.9 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the usernewmaster parameter to the adminconsole/ URI...

6.8CVSS7.6AI score0.00704EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/03/06 11:0 a.m.20 views

CVE-2014-0336

Cross-site request forgery CSRF vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the usernewmaster parameter to the adminconsole/ URI...

7.1AI score0.00704EPSS
Exploits1References1
CVE
CVE
added 2014/03/06 11:0 a.m.41 views

CVE-2014-0335

Serena Dimensions CM 12.2 Build 7.199.0 web client contains multiple cross-site scripting vulnerabilities (CWE-79). Exploitable via unauthenticated vectors in parameters such as DB_CONN, DB_NAME, DM_HOST, MAN_DB_NAME, framecmd, identifier, merant.adm.adapters.AdmDialogPropertyMgr, nav_frame, nav_...

4.3CVSS5.9AI score0.01151EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/03/06 11:0 a.m.19 views

CVE-2014-0335

Multiple cross-site scripting XSS vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the 1 DBCONN, 2 DBNAME, 3 DMHOST, 4 MANDBNAME, 5 framecmd, 6 identifier, 7 merant.adm.adapters.AdmDialogPropertyMgr, 8...

5.8AI score0.01151EPSS
Exploits1References1
CERT
CERT
added 2014/03/05 12:0 a.m.193 views

Serena Dimensions CM 12.2 Build 7.199.0 web client vulnerabilities

Overview Serena Dimensions CM 12.2 Build 7.199.0 web client and possibly earlier versions contains multiple cross-site scripting vulnerabilities. Description Serena Dimensions CM 12.2 Build 7.199.0 web client and possibly earlier versions contains multiple cross-site scripting...

6.8CVSS6.6AI score0.01151EPSS
Exploits2References3
securityvulns
securityvulns
added 2009/05/25 12:0 a.m.37 views

Serena Dimensions CM cryptographic vulnerability

Server certificate is not validated by client...

2.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2009/05/25 12:0 a.m.83 views

Serena Dimensions CM Desktop Client does not validate the server SSL certificate

Application: Serena Dimensions CM Affected versions: 10.1 and later Vulnerability: man-in-the-middle attacks Problem type: remote Problem description: ==================== The client/server connection can be SSL encrypted by setting "-ssl" in the listener.dat. The problem is that the Desktop clie...

2AI score
Exploits0
Rows per page
Query Builder