Users receive error "Try again after some time or contact your help desk" at login

While accessing ADC Gateway or Authentication page, in certain conditions users received one of these two errors: "Try again after some time or contact your help desk". "Malformed assertion sent to Netscaler" Users redirected to Login page. To validate this is the cause, you can check ADC syslogs...

CVE-2023-22481

FreshRSS is a self-hosted RSS feed aggregator. When using the greader API, the provided password is logged in clear in users//logapi.txt in the case where the authentication fails. The issues occurs in authorizationToUser in greader.php. If there is an issue with the request or the credentials,...

Cross site request forgery (csrf)

FreshRSS is a self-hosted RSS feed aggregator. When using the greader API, the provided password is logged in clear in users//logapi.txt in the case where the authentication fails. The issues occurs in authorizationToUser in greader.php. If there is an issue with the request or the credentials,...

CVE-2023-22481 Sensitive information exposure in the logs of greader API in FreshRSS

FreshRSS is a self-hosted RSS feed aggregator. When using the greader API, the provided password is logged in clear in users//logapi.txt in the case where the authentication fails. The issues occurs in authorizationToUser in greader.php. If there is an issue with the request or the credentials,...

Arista Networks CloudVision Portal 日志信息泄露漏洞

Arista Networks CloudVision Portal is a suite of web-based user management portals for the CloudVision platform from Arista Networks, USA. The product includes features such as network device configuration, compliance management, change management, and network monitoring management. A log...

Osticket 1.9.14 - X-Forwarded-For Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Osticket 1.9.14 and below X-Forwarded-For Stored XSS. Date: 24-11-2016 Exploit Author: Joaquin Ramirez Martinez i0-SEC Software Link: http://osticket.com/ Vendor: Osticket """ ============== DESCRIPTION ============== osTicket i...

ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in the ipppd utility. In some...

nfs-utils security, bug fix, and enhancement update

1.0.9-60.0.1.el5 - Add support for resvport for unmonting orabug 13567018 1.0.9-60 - Updated idmapd.conf and idmapd.conf.man to reflect the static user name mapping 502707 - Fixed an umount regression introduced by bz 513094 bz 781931 1.0.9-59 - gss: turned of even more excessive syslogs bz 59309...

Manageengine Opmanager v8.8 - SQL Injection Vulnerability

Document Title: =============== Manageengine Opmanager v8.8 - SQL Injection Vulnerability Release Date: ============= 2011-07-19 Vulnerability Laboratory ID VL-ID: ==================================== 200 Product & Service Introduction: =============================== Network performance...

Manageengine Opmanager v8.8 - SQL Injection Vulnerability

Document Title: =============== Manageengine Opmanager v8.8 - SQL Injection Vulnerability Release Date: ============= 2011-07-19 Vulnerability Laboratory ID VL-ID: ==================================== 200 Product & Service Introduction: =============================== Network performance...