31 matches found
CVE-2023-50838
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.5...
CVE-2023-38949
An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request...
Path traversal
A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration...
Cross site request forgery (csrf)
An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request...
CVE-2023-38951
ZKTeco BioTime 8.5.5 through 9.x before 9.0.1 20240617.19506 allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in the Username field and a lack of input sanitization on the SSH...
CVE-2023-38949
CVE-2023-38949 affects ZKTeco BioTime v8.5.5 via a hidden API in the web interface that can be abused by unauthenticated attackers to reset the Administrator password through a crafted request. The root cause is an exposed, unauthenticated password-reset pathway in the BioTime web platform; impac...
CVE-2023-38949
An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request...
Security Bulletin: Vulnerability identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository (CVE-2023-23477)
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...
Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2021-4104, CVE-2021-45046)
Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2019-4441)
Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin: IBM WebSphere Application Serve...
Security Bulletin: External Service invocation in IBM Business Space affects IBM Business Monitor (CVE-2018-1885)
Summary A vulnerability in IBM Business Space can allow an attacker to cause an external service invocation. Vulnerability Details CVEID: CVE-2018-1885 DESCRIPTION: IBM Business Space could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. CV...
Security Bulletin: Security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2019-4279)
Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult Security Bulletin: Remote...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2019-4046)
Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Potential denial of servi...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2018-1904)
Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details For vulnerability details and information about fixes, please...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2014-7810)
Summary WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin linked to below. Vulnerability Details For information about the vulnerability and the...
Security Bulletin: A security vulnerability has been identified in IBM Websphere Application Server shipped with IBM Security Directory Server (CVE-2017-1741)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Security Directory Server ISDS. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...
Security Bulletin: A security vulnerability has been identified in IBM Websphere Application Server shipped with IBM Security Identity Manager (CVE-2017-12624)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Security Identity Manager ISIM. Information about a security vulnerability affecting Apache CXF used by IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult th...
Security Bulletin: A security vulnerability has been identified in IBM Websphere Application Server shipped with IBM Security Identity Manager (CVE-2017-1743 )
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Security Identity Manager ISIM. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...
Security Bulletin: A security vulnerability has been identified in IBM Websphere Application Server shipped with IBM Security Identity Manager (CVE-2017-1731)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Security Identity Manager ISIM. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (CVE-2017-1121)
Summary IBM WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...