16 matches found
EUVD-2014-8560
Malware in sbrugna...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
Design/Logic Flaw
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
CVE-2020-9384
The entries describe an Insecure Direct Object Reference (IDOR) in Subex ROC Partner Settlement 10.5 Change Password. Affected component: Change Password feature; root cause: manipulation of POST parameters enabling account takeover by remote authenticated users. Impact: account compromise report...
PT-2020-20625 · Subex · Subex Roc Partner Settlement
Name of the Vulnerable Software and Affected Versions: Subex ROC Partner Settlement version 10.5 Description: An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature allows remote authenticated users to achieve account takeover via manipulation of POST parameters. Th...
CVE-2014-8728
SQL injection vulnerability in the login page login/login in Subex ROC Fraud Management aka Fraud Management System and FMS 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rangerusername parameter...
Sql injection
SQL injection vulnerability in the login page login/login in Subex ROC Fraud Management aka Fraud Management System and FMS 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rangerusername parameter...
CVE-2014-8728
SQL injection vulnerability in the login page login/login in Subex ROC Fraud Management aka Fraud Management System and FMS 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rangerusername parameter...
CVE-2014-8728
Subex ROC Fraud Management (aka Fraud Management System/FMS) suffers an SQL injection in the login page (login/login) accessible on Subex ROC FMS 7.4 and earlier. The vulnerability stems from how the POST parameter ranger_user[name] is handled, enabling an attacker to submit arbitrary SQL command...
Subex Fms 7.4 - SQL Injection
Subex Fms 7.4 - SQL Injection ======================================================================================= Subex ROC Fraud Management System v7.4 - Unauthenticated Blind-Time Based SQL Injection =======================================================================================...
Subex Fms 7.4 - SQL Injection
======================================================================================= Subex ROC Fraud Management System v7.4 - Unauthenticated Blind-Time Based SQL Injection ======================================================================================= Affected Software: Subex ROC FMS...
Subex ROC Fraud Management System 7.4 SQL Injection Vulnerability
Subex ROC Fraud Management System version 7.4 suffers from a remote unauthenticated time-based blind SQL injection vulnerability. ======================================================================================= Subex ROC Fraud Management System v7.4 - Unauthenticated Blind-Time Based SQL...
Subex ROC Fraud Management System 7.4 SQL Injection
======================================================================================= Subex ROC Fraud Management System v7.4 - Unauthenticated Blind-Time Based SQL Injection ======================================================================================= Affected Software: Subex ROC FMS...