22 matches found
CollabNet Subversion Edge Security Bypass Vulnerability
CollabNet Subversion Edge is a free web-based and cloud-based Subversion platform. A security vulnerability exists in CollabNet Subversion Edge that could be exploited by an attacker to perform unauthorized actions, obtain sensitive information, and elevate privileges...
CollabNet Subversion Edge missing clickjacking protection
Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement clickjacking protection Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Clickjacking Risk: Medium Status:...
CollabNet Subversion Edge insecure password change
Vuln Title: The CollabNet Subversion Edge management frontend does not require current password upon password change Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Insecure password change...
CollabNet Subversion Edge weak password policy
Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement a strong password policy Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Lack of defensive measures Risk: Medi...
CollabNet Subversion Edge autocomplete on
Vuln Title: The CollabNet Subversion Edge management frontend login page password field has autocomplete enabled Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Lack of defensive measures Ris...
CollabNet Subversion Edge missing brute force protection
Vuln Title: The CollabNet Subversion Edge does not protect against brute forcing accounts Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Lack of defensive measures Risk: Medium Status:...
CollabNet Subversion Edge tail local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...
CollabNet Subversion Edge downloadHook local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge weak password storage mechanism
Vuln Title: The CollabNet Subversion Edge stores passwords as unsalted MD5 hashes Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Insecure password storage Risk: Medium Status: public/fixed...
CollabNet Subversion Edge show local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via "fileName" parameter of the show action Date: 10.10.2014 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local file...
CollabNet Subversion Edge Hook Script Privilege Escalation
Vuln Title: The CollabNet Subversion Edge Management Frontend SVN hook scripts privilege escalation Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Privilege escalation design flaw CVE :...
CollabNet Subversion Edge indes local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "listViewItem" parameter of the "index" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge missing single login restriction
Vuln Title: The CollabNet Subversion Edge management missing single login restriction Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: No single login restriction Risk: Low Status:...
CollabNet Subversion Edge missing XSRF protection
Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement XSRF protection tokens Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: XSRF Risk: Low Status: public/fixed Fix...
CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion Vulnerability
Exploit for linux platform in category web applications Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabN...
CollabNet Subversion Edge Management Tail LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...
CollabNet Subversion Edge Management listViewItem LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "listViewItem" parameter of the "index" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge Management downloadHook LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge Management Credential Leak
Vuln Title: The CollabNet Subversion Edge Management frontend user credential hash leak Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Credential leak Risk: Medium Status: public/fixed Fixed...
CollabNet Subversion Edge Management Frontend Privilege Escalation
Vuln Title: The CollabNet Subversion Edge Management Frontend SVN hook scripts privilege escalation Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Privilege escalation design flaw CVE :...