CVE-2022-38583

On versions of Sage 300 2017 - 2022 6.4.x - 6.9.x which are setup in a "Windows Peer-to-Peer Network" or "Client Server Network" configuration, a low-privileged Sage 300 workstation user could abuse their access to the "SharedData" folder on the connected Sage 300 server to view and/or modify the...

CVE-2024-52870

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...

CVE-2024-29968

An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. SQL Table names, column names, and SQL queries are collected in DR standby Supportsave. This could allow authenticated users to access...

CVE-2024-52870

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...

CVE-2024-52870

CVE-2024-52870 concerns Teradata Vantage Editor 1.0.1, which is primarily a SQL editor but exposes unintended functionality, including Chromium Developer Tools, that can let a client user access arbitrary remote websites. The Red Hat/NVD entries confirm the affected product and behavior; the issu...

CVE-2022-41399

The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte blowfish key "PASSKEY" to encrypt and decrypt the database connection string for the PORTAL database found in the "dbconfig.xml". This issue could allow attackers to obtain access to the SQL database...

CVE-2022-41399

The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte blowfish key "PASSKEY" to encrypt and decrypt the database connection string for the PORTAL database found in the "dbconfig.xml". This issue could allow attackers to obtain access to the SQL database...

CVE-2022-38583

On versions of Sage 300 2017 - 2022 6.4.x - 6.9.x which are setup in a "Windows Peer-to-Peer Network" or "Client Server Network" configuration, a low-privileged Sage 300 workstation user could abuse their access to the "SharedData" folder on the connected Sage 300 server to view and/or modify the...

PVS console showing target devices as down, even though it is possible to boot and stream to devices

PVS console showing target devices as down, even though it is possible boot and stream to devices.Event logged ID:11 Source: StreamProcess. DbAccess error: in ServerStatusSetContactInfo called from SSProtocolModule.cpp:2630. SQL DB server is up and accessible...

Metacart vuln.

Summary MetaCart2.sql is an ASP based shopping Cart application with SQL database. A security vulnerability in the product allows attackers to access the database used for storing user provided data Credit cart numbers, Names, Surnames, Addresses, E-mails, etc. Details Exploit: Accessing any of t...

Microsoft Site Server Commerce Edition 3.0 alpha - AdSamples Sensitive Information

Microsoft Site Server Commerce Edition 3.0 alpha - AdSamples Sensitive Information source: https://www.securityfocus.com/bid/256/info A vulnerability in Microsoft Site Server's Ad Server Sample directory allows the retrieval of a site's configuration file SITE.CSC which contains sensitive...