Lucene search
K

492 matches found

Cvelist
Cvelist
added 2010/04/13 5:0 p.m.41 views

CVE-2009-4511

Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server VCS before X5.1 allow remote authenticated users to read arbitrary files via a .. dot dot in the page parameter to 1 helppage.php or 2 user/helppage.php...

6.4AI score0.05479EPSS
Exploits1References3
CVE
CVE
added 2010/04/13 5:0 p.m.61 views

CVE-2009-4511

The CVE-2009-4511 issue affects TANDBERG Video Communication Server (VCS). It is a directory traversal flaw in the web management interface (two scripts: helppage.php and user/helppage.php) that an authenticated administrator or lower-privilege user could exploit to read arbitrary files on the ap...

4CVSS6.5AI score0.05479EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2010/04/13 5:0 p.m.66 views

CVE-2009-4509

The TANDBERG Video Communication Server (VCS) web management interface in versions around x4.2.1 (and possibly earlier) uses forged/predictable session cookies in tandberg/web/lib/secure.php and tandberg/web/user/lib/secure.php, enabling an unauthenticated attacker to bypass authentication and po...

10CVSS7.8AI score0.04533EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2010/04/13 5:0 p.m.42 views

CVE-2010-1355

The CVE-2010-1355 entry concerns a Cross-site Scripting (XSS) vulnerability in the TANDBERG Video Communication Server (VCS) prior to X5.0. The connected sources confirm the affected product and that the vulnerability is XSS with unspecified vectors, allowing remote attackers to inject arbitrary ...

4.3CVSS5.9AI score0.00855EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2010/04/12 12:0 a.m.61 views

Tandberg VCS Arbitrary File Retrieval

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: TANDBERG Video Communication Server Arbitrary File Retrieval Release Date:...

4CVSS0.7AI score0.05479EPSS
Exploits1
Prion
Prion
added 2006/02/25 11:2 a.m.14 views

Sql injection

DISPUTED SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely fr...

7.5CVSS8.4AI score0.01381EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2006/02/25 11:2 a.m.14 views

CVE-2006-0897

SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

7.5CVSS8AI score0.01381EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/02/25 11:0 a.m.17 views

CVE-2006-0897

SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

8AI score0.01381EPSS
Exploits0References7
CVE
CVE
added 2006/02/25 11:0 a.m.46 views

CVE-2006-0897

SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 via the UpdateID0 parameter to Service_Requests.asp. The vendor disputes the issue, citing a protected state-management system, while third-party sources suggest the original researcher may have triggered...

7.5CVSS8AI score0.01381EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2005/11/14 12:0 a.m.28 views

[Full-disclosure] DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow'

DMA2005-1112a - 'Veritas Storage Foundation VCSI18NLANG buffer overflow' Author: Kevin Finisterre Vendor: http://www.Veritas.com Product: 'Veritas Cluster Server for UNIX' References: http://www.digitalmunition.com/DMA2005-1112a.txt http://www.symantec.com/avcenter/security/Content/2005.11.08a.ht...

7.4AI score
Exploits0
CVE
CVE
added 2005/06/28 4:0 a.m.42 views

CVE-2002-1817

Technical details for CVE-2002-1817 are not publicly available in the provided documents. Monitor for updates.

7.5CVSS7.2AI score0.01326EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2001/05/07 4:0 a.m.53 views

CVE-2001-0287

The vulnerability CVE-2001-0287 affects VERITAS Cluster Server (VCS) 1.3.0 on Solaris. A local user can trigger a denial of service (system panic) by using the -L option to the lltstat command. The available connected sources corroborate the affected product/version and the vulnerable user action...

2.1CVSS6.6AI score0.00328EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder