11 matches found
Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process
Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and takeover their account, if the victim has an incomplete request pending. The exploit is only possible while the verification token is valid, i.e for 5 minutes after t...
GHSA-93X3-M7PW-PPQM Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process
Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and takeover their account, if the victim has an incomplete request pending. The exploit is only possible while the verification token is valid, i.e for 5 minutes after t...
File Replication Pro 7.2.0 - Multiple Vulnerabilities
Vantage Point Security Advisory 2016-001 ================================ Title: File Replication Pro Remote Command Execution Vendor: File Replication Pro Vendor URL: http://www.filereplicationpro.com/ Versions affected: = Permalink: Summary: -------- File Replication Pro FRP is a file managemen...
File Replication Pro 7.2.0 Command Execution / File Disclosure / Traversal
Vantage Point Security Advisory 2016-001 ================================ Title: File Replication Pro Remote Command Execution Vendor: File Replication Pro Vendor URL: http://www.filereplicationpro.com/ Versions affected: = Permalink: Summary: -------- File Replication Pro FRP is a file managemen...
ZHONE S3.0.501 - Multiple Remote Code Execution Vulnerabilities
ZHONE S3.0.501 - Multiple Remote Code Execution Vulnerabilities Vantage Point Security Advisory 2015-003 ======================================== Title: Multiple Remote Code Execution found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA,...
ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities
Vantage Point Security Advisory 2015-003 ======================================== Title: Multiple Remote Code Execution found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA, 42xx, 42xxA, 26xx, and 28xx series models Versions affected: Paper...
Cisco Unified Communications Manager - Multiple Vulnerabilities
Vantage Point Security Advisory 2015-001 ======================================== Title: Cisco Unified Communications Manager Multiple Vulnerabilities Vendor: Cisco Vendor URL: http://www.cisco.com/ Versions affected: Summary: -------- Cisco Unified Communications Manager CUCM offers services suc...
Cisco Unified Communications Manager Command Execution
Vantage Point Security Advisory 2015-001 ======================================== Title: Cisco Unified Communications Manager Multiple Vulnerabilities Vendor: Cisco Vendor URL: http://www.cisco.com/ Versions affected: Summary: -------- Cisco Unified Communications Manager CUCM offers services suc...
SysAid Server Arbitrary File Disclosure
Vantage Point Security Advisory 2014-004 ======================================== Title: SysAid Server Arbitrary File Disclosure ID: VP-2014-004 Vendor: SysAid Affected Product: SysAid On-Premise Affected Versions: Summary: --- SysAid Server is vulnerable to an unauthenticated file disclosure...
SysAid Server - Arbitrary File Disclosure
SysAid Server - Arbitrary File Disclosure Vantage Point Security Advisory 2014-004 ======================================== Title: SysAid Server Arbitrary File Disclosure ID: VP-2014-004 Vendor: SysAid Affected Product: SysAid On-Premise Affected Versions: Summary: --- SysAid Server is vulnerable...
SysAid Server - Arbitrary File Disclosure
Vantage Point Security Advisory 2014-004 ======================================== Title: SysAid Server Arbitrary File Disclosure ID: VP-2014-004 Vendor: SysAid Affected Product: SysAid On-Premise Affected Versions: Summary: --- SysAid Server is vulnerable to an unauthenticated file disclosure...