33 matches found
EUVD-2014-3136
Malware in sbrugna...
EUVD-2018-6817
Malware in sbrugna...
EUVD-2005-2053
Malware in sbrugna...
EUVD-2022-5498
Malicious code in bioql PyPI...
EUVD-2022-3356
Malicious code in bioql PyPI...
EUVD-2022-44467
Malicious code in bioql PyPI...
EUVD-2022-2610
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-6810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console...
CVE-2020-13947
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...
SUSE CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the 1 group, 2 artifact, 3 version, or 4 fileType...
SUSE CVE-2009-0039
Multiple cross-site request forgery CSRF vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that 1 change the web administration password, 2 upload application...
CVE-2022-41258
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited...
Input validation
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited...
PT-2022-25772 · Sap · Sap Financial Consolidation
Name of the Vulnerable Software and Affected Versions: SAP Financial Consolidation version 1010 Description: The issue is due to insufficient input validation, allowing an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successfu...
CVE-2022-41258
SAP Financial Consolidation 1010 is affected by an input-validation–driven cross-site scripting (XSS) vulnerability in the Web Administration Console. An authenticated attacker can inject malicious script when running a common query, potentially_VIEWing_ or modifying information with limited impa...
GHSA-W525-W93J-RXGM Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a 1 FRAME or 2 IFRAME element...
DEBIAN-CVE-2020-13947
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...
CVE-2018-14935
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS...
CVE-2018-14935
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS...
CVE-2018-14935
The CVE-2018-14935 entry maps to a web-based XSS in the Web administration console of Polycom Trio devices running software before 5.5.4. Affected component: the web admin UI. Root cause: reflected/scripted input in the console without proper encoding. Impact: user-facing XSS could affect confide...