35 matches found
Lark Technologies: Normal User is able to EXPORT Feature Usage Statistics
A vulnerability was found where certain Lark endpoints did not properly validate user permissions, allowing a low-privileged user to generate and download usage statistics information. We thank @aishkendle for reporting this to our team...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure. The site-admin area can be accessed by regular users. Unprivileged users can have access to daily usage statistics and code intelligence uploads and indexes. It is not possible to alter the information, nor interac...
CVE-2021-32787
CVE-2021-32787 affects Sourcegraph before version 3.30.0. The vulnerability exposes information in the site-admin area to regular users, leaking daily usage statistics and code intelligence uploads/indexes while not allowing alteration of other features. The root cause is improper access to site-...
Italy CERT Warns of a New Credential Stealing Android Malware
Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed "Oscorp" by Italy's CERT-AGID and spotted by AddressIntel, the malware "induces the user to install an accessibility service wi...
How Do I Monitor NetScaler MAS Resource Consumption?
This article describes how to monitor NetScaler MAS resource consumption. Background NetScaler Management and Analytics System is a single unified solution that helps administrators perform various tasks such as infrastructure management, application management, orchestration, and gives complete...
WebTrends Enterprise Reporting Server 3.1 c/3.5 Source Code Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/2812/info WebTrends Live is a web-based reporting service which provides interactive tracking of usage statistics and E-commerce revenue. It is possible to view the source code of arbitrary scripts on the WebTrends Live...
RedHat Update for net-snmp RHSA-2014:0321-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SA-CONTRIB-2010-078 - Kaltura - Information disclosure
The Kaltura module integrates the Kaltura open source video platform with Drupal. When installing, uninstalling, or configuring the module, it would surreptitiously inject a hidden iframe into the messages displayed to the administrator with the source pointing to corp.kaltura.com/stats/drupal...
CVE-2002-2058
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'...
CVE-2002-2057
CVE-2002-2057 affects TeeKai Forum 1.2. The vulnerability is described as weak encryption of web usage statistics stored in data/member_log.txt under the web document root with insufficient access control, allowing remote attackers to identify IPs visiting the site by dividing each octet by the M...
CVE-2002-2058
TeeKai Tracking Online 1.0 is affected by a weak encryption flaw in the stored web usage statistics (data/userlog/log.txt) that enables remote attackers to identify visiting IPs by dividing each octet by the MD5 hash of '20'. The Red Hat advisory and PT-Security notes corroborate the vulnerabilit...
CVE-2002-2058
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'...
PT-2002-2779 · Teekai · Teekai Tracking Online
Name of the Vulnerable Software and Affected Versions: TeeKai Tracking Online version 1.0 Description: The issue concerns the weak encryption of web usage statistics stored in the data/userlog/log.txt file. This weakness allows remote attackers to identify the IP addresses of visitors to the site...
WebTrends Enterprise Reporting Server 3.1 c/3.5 - Source Code Disclosure
source: https://www.securityfocus.com/bid/2812/info WebTrends Live is a web-based reporting service which provides interactive tracking of usage statistics and E-commerce revenue. It is possible to view the source code of arbitrary scripts on the WebTrends Live webserver. This is accomplished by...
ntop 1.x - i Local Format String
source: https://www.securityfocus.com/bid/1840/info ntop network top is a unix program used for displaying network usage statistics. It is often installed setuid root because it uses privileged ports. ntop is vulnerable to a format string vulnerability that can compromise root access locally. If...