4547 matches found
CVE-2012-3799
Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) change workflows or (2) insert cross-site scripting (XSS) sequences...
[SECURITY] Fedora 17 Update: python-virtualenvwrapper-3.4-1.fc17
virtualenvwrapper is a set of extensions to Ian Bicking's virtualenv tool. The extensions include wrappers for creating and deleting virtual environments and otherwise managing your development workflow, making it easier to work on more than one project at a time without introducing conflicts in...
IBM Rational ClearQuest CQOle ActiveX
Added: 05/30/2012 CVE: CVE-2012-0708 BID: 53170 OSVDB: 81443 Background Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker. Problem The ClearQuest web client installs ActiveX modules on the client system. Thes...
[SECURITY] Fedora 17 Update: python-virtualenvwrapper-3.2-3.fc17
virtualenvwrapper is a set of extensions to Ian Bicking's virtualenv tool. The extensions include wrappers for creating and deleting virtual environments and otherwise managing your development workflow, making it easier to work on more than one project at a time without introducing conflicts in...
[SECURITY] Fedora 17 Update: trytond-2.2.2-1.fc17
Tryton is a three-tier high-level general purpose application framework written in Python that uses PostgreSQL as its database engine. It is the core base of an Open Source ERP. It provides modularity, scalability and security. The core of Tryton, also called the Tryton kernel, provides all the necessary...
A DTMF-based IVR application that is developed by using Lync Server 2010, UCMA 3.0 Workflow APIs crashes
Fixes an issue in which a DTMF-based IVR application crashes when a user barges in multiple times with invalid DTMF digits or barges in to request help. This issue occurs if the application is developed by using Lync Server 2010, UCMA 3.0 Workflow APIs. Symptoms: Consider the following scenario: You...
[SECURITY] Fedora 16 Update: trytond-2.0.4-1.fc16
Tryton is a three-tier high-level general purpose application framework written in Python that uses PostgreSQL as its database engine. It is the core base of an Open Source ERP. It provides modularity, scalability and security. The core of Tryton, also called the Tryton kernel, provides all the necessary...
OpenKM Document Management System 5.1.7 Privilege Escalation
COMPASS SECURITY ADVISORY http://www.csnc.ch/ ID: COMPASS-2012-001 Product: OpenKM Document Management System 5.1.7 1 Vendor: OpenKM http://www.openkm.com/ Subject: Privilege Escalation, Improper Access Control Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler...
Oracle Database Multiple Vulnerabilities (January 2006 CPU)
The remote Oracle database server is missing the January 2006 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components: - Advanced Queuing - Change Data Capture - Connection Manager - Data Pump - Data Pump Metadata API - Dictionary - Java Net...
Oracle Database Multiple Vulnerabilities (January 2007 CPU)
The remote Oracle database server is missing the January 2007 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components: - Advanced Queuing - Advanced Replication - Advanced Security Option - Change Data Capture - Data Guard - Export - Log Min...
HP MFP Digital Sending Software 4.9x <= 4.91.21 Local Workflow Metadata Information Disclosure
The remote Windows host contains a version of HP MFP Digital Sending Software version 4.9x that's 4.91.21 or earlier. It is reportedly affected by a local information disclosure vulnerability that could result in disclosure of personal information in workflow metadata...
Design/Logic Flaw
HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors...
SAP NetWeaver Workflow Modeler - Multiple XSS
Application: SAP NetWeaver Workflow Modeler Versions Affected: SAP NetWeaver NW2004s SP6 Workflow Modeler Vendor URL: http://www.sap.com Bugs: XSS Exploits: YES Reported: 06.08.2010 Vendor response: 07.08.2010 Date of Public Advisory: 12.02.2014 Reference: SAP Security Note 1860923 Author:...
Joomla! Component Article Factory Manager - Arbitrary File Upload
Joomla! Component Article Factory Manager - Arbitrary File Upload vendor: http://www.thefactory.ro/shop/joomla-components/article-manager.html ...
Joomla Component com_articleman Upload Vulnerability
Exploit for php platform in category web applications. Joomla Component com_articleman Upload Vulnerability. Description: Article Factory Manager is a very useful tool for any article driven...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comment field...
CVE-2010-1539
Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comment field...
CVE-2010-1539
The CVE-2010-1539 entry concerns a Cross-site scripting (XSS) vulnerability in Drupal’s Workflow module when used with the Token module. Affected versions are Workflow 5.x-2.x prior to 5.x-2.6 and 6.x-1.x prior to 6.x-1.4. The issue allows remote authenticated users to inject arbitrary web script...
CVE-2009-4776
CVE-2009-4776 describes a buffer overflow in Hitachi Cosminexus components (V4–V8 Processing Kit for XML and Developer’s Kit for Java) used in products such as uCosminexus, Electronic Form Workflow, GroupMax, and IBM XL C/C++ Enterprise Edition 7–8. The issue involves GIF image processing APIs in...