4552 matches found
Symantec IT Management Suite Multiple Issues
SUMMARY Symantec has released updates to address two security issues: a cross-site scripting XSS issue and a denial of service DoS issue reported in the Symantec IT Management Suite ITMS workflow process manager console. AFFECTED PRODUCTS Symantec IT Manage Suite Workflow Process Manager Console...
CVE-2016-5532
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...
CVE-2016-5532
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...
CVE-2016-5532
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...
CVE-2016-5532
CVE-2016-5532 affects Oracle E-Business Suite Shipping Execution, specifically the Shipping Execution component, versions 12.1.1–12.1.3 and 12.2.3–12.2.6. The vulnerability allows remote attackers to disclose confidential data via Workflow Events. No exploitation details are provided in the conne...
CVE-2016-5532
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...
XSRF Security Token Missing when clicking on Contact an administrator
h3. Summary Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with : Chrome Version 54.0.2840.59 64-bit Firefox 49.0 h3. Steps to Reproduce Configure Outgoing Mail Enable Contact Administrators Form from General Configurations Create...
XSRF Security Token Missing when clicking on Contact an administrator
h3. Summary Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with : Chrome Version 54.0.2840.59 64-bit Firefox 49.0 h3. Steps to Reproduce Configure Outgoing Mail Enable Contact Administrators Form from General Configurations Create...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Shipping Execution Component
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. Oracle Shipping Execution is one of the components of the management of transportation information. A remote security vulnerability exists in the...
SQL Injection Vulnerability in VOA (Pengwei) System name parameter
Shenzhen Pengwei Information Technology Co., Ltd VOA collaborative office platform is a kind of asp development OA system. VOA Pengwei system name parameter exists SQL injection vulnerability, the vulnerability URL is http://demo.kmpsoft.com/MyWorkflow/WFGetTripNo.aspx. Attackers can use the...
[SECURITY] Fedora 25 Update: trytond-4.0.4-1.fc25
Tryton is a three-tiers high-level general purpose application framework written in Python and use PostgreSQL as database engine. It is the core base of an Open Source ERP. It provides modularity, scalability and security. The core of Tryton also called Tryton kernel provides all the necessary...
[SECURITY] Fedora 24 Update: drupal7-entity_translation-1.0-0.9.beta5.fc24
Allows fieldable entities to be translated into different languages, by introducing entity/field translation for the new translatable fields capability in Drupal 7. Maintained by the Drupal core i18n team. This project does not replace the Internationalization http://drupal.org/project/i18n...
Nexpose Now: Because Security Doesn't Wait
Attackers dont wait for your schedule, in fact, they try and take advantage of your windows of wait when youre biding your time waiting for a scan. Just think of your typical Patch Tuesday, when you walk in on Wednesday your vulnerability management solution has all the checks, but then you wait...
Weaver eweaver com. eweaver. workflow. workflow. servlet. ExportAction parameters exportid, etc multiple SQL injection vulnerabilities
No description provided by source...
NetApp OnCommand Workflow Automation Authentication Bypass Vulnerability
NetApp OnCommand Workflow Automation is a set of storage process management software from the U.S. company NetApp. An authentication bypass vulnerability exists in versions of NetApp OnCommand Workflow Automation prior to 3.1P2, which can be exploited by an attacker to bypass the authorization...
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
When JIRA project has a security scheme, the option "None" is not displayed in Crucible
h3. Summary Whenever a JIRA project has a Security Scheme defined, and a workflow transition has at least one required field, a window is opened in JIRA side so that the required field/s are selected. Among the fields displayed in this window there will be the "Security Level", in which the...
ProcessMaker 3.0.1.7 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: ProcessMaker v3.0.1.7 Multiple vulnerabilities Date: 31/05/2016 Author: Mickael Dorigny @ information-security.fr Vendor or Software Link: http://www.processmaker.com/ Version: 3.0.1.7 Category: Multiple Vulnerabilities...
ProcessMaker 3.0.1.7 - Multiple Vulnerabilities
ProcessMaker 3.0.1.7 - Multiple Vulnerabilities Exploit Title: ProcessMaker v3.0.1.7 Multiple vulnerabilities Date: 31/05/2016 Author: Mickael Dorigny @ information-security.fr Vendor or Software Link: http://www.processmaker.com/ Version: 3.0.1.7 Category: Multiple Vulnerabilities ProcessMaker...