CVE-2005-0285

Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs...

CVE-2005-0285

The CVE-2005-0285 entry concerns Webseries Payment Application with an improper restriction of privileged operations, allowing remote authenticated users to gain privileges by directly accessing privileged URLs. The primary impact is privilege escalation; no concrete remediation or fix details ar...

CVE-2005-0285

Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs...

CVE-2005-0288

CVE-2005-0288 concerns the Bottomline Webseries Payment Application. The change-password function does not require the old password when setting a new one, which could allow an authenticated user to change other users’ passwords. The description provided does not specify affected versions/builds ...

Portcullis Security Advisory 05-007

Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Password Policy Implemented At Client rather than Server Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application...

Portcullis Security Advisory 05-001

Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Lack of Backend Authorisation Checking Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application Details: Portcullis...

Portcullis Security Advisory 05-008

Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Poor Password Change Implementation Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application Details: The change...

Portcullis Security Advisory 05-009

Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Execute Of Arbitrary Reports Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application Details: Portcullis consultants...

Portcullis Security Advisory 05-006

Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Directory & File Enumeration Via Reporting System Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application Details: By...

CVE-2005-0288

The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords...