6 matches found
CVE-2021-33622
Removed by vendor...
Default credentials
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose wi...
CVE-2019-9563
In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the contact application mishandles temporary uploads...
DEBIAN-CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
PT-2013-3479 · Phpmyadmin · Phpmyadmin
Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions 3.5.x through 3.5.7 Description: Multiple cross-site scripting XSS vulnerabilities in tbl gis visualization.php might allow remote attackers to inject arbitrary web script or HTML via the 1 visualizationSettingswidth or 2...
CVE-2012-0465
CVE-2012-0465 affects Bugzilla versions 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1. Root cause: improper validation of the X-Forwarded-For header when inbound_proxies is enabled, allowing bypass of the lockout policy via repeated authentication re...