12 matches found
EUVD-2008-5812
Malware in sbrugna...
CVE-2008-5842
Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...
CVE-2008-5842
Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...
CVE-2008-5842
Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...
CVE-2008-5842
CVE-2008-5842 affects Fujitsu-Siemens WebTransactions 7.0/7.1 (and possibly other versions). The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary script/HTML via vectors tied to a shipped demo application and an unspecified dy...
Code injection
WBPublish aka WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to 1...
CVE-2008-5810
CVE-2008-5810 affects WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0/7.1 (and possibly other versions). The flaw allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP input that is mishandled during temporary session data cleanup, potentially involving direc...
CVE-2008-5810
WBPublish aka WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to 1...
SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions remote command injection vulnerability
SEC-CONSULT Security Advisory 20081219-0 =================================================================================== title: Fujitsu-Siemens WebTransactions Remote Command Injection Vulnerability program: WebTransactions vulnerable version: =7.1 homepage: http://www.fujitsu-siemens.com/...
Fujitsu-Siemens WebTransactions远程命令执行漏洞
BUGTRAQ ID: 32927 CNCAN ID:CNCAN-2008122201 Fujitsu-Siemens WebTransactions是一款允许为主机应用程序提供新的业务流程和应用的解决方案。 Fujitsu-Siemens WebTransactions不正确处理输入验证,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 部分条件下,当清理临时会话数据时,WBPublish.exe传递没有经过验证的输入就给system函数,可导致无需验证攻击者以WEB进程权限执行任意命令。 Fujitsu-Siemens WebTransactions 7.1...
Fujitsu-Siemens WebTransactions shell characters vulnerability
Unfiltered user input in systemcall...