EUVD-2018-19433

Malware in sbrugna...

Design/Logic Flaw

An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest atta...

CVE-2018-7718

An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest atta...

CVE-2018-7718

An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest atta...

CVE-2018-7718

CVE-2018-7718 affects Telexy QPath 5.4.462 where a low-privileged, authenticated user can craft a serialized request to AdanitDataService.svc to modify e.g. email, username, or password of other accounts. The documented attack path suggests intercepting a password-change request and altering the ...

CVE-2018-7718

An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest atta...