Xsuite <=2.4.4.5 - Open Redirect

Xsuite 2.4.4.5 and prior contains an open redirect vulnerability, which can allow a remote attacker to redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the redirurl parameter. id: CVE-2015-4668 info: name: Xsuite =2.4.4.5 - Open Redirect author: 0xAkoko...

Xceedium Xsuite <=2.4.4.5 - Local File Inclusion

Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/readsessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter. id: CVE-2015-4666 info: name: Xceedium Xsuite =2.4.4.5 - Local File Inclusion author: 0xAkoko severity: medium...

EUVD-2015-4684

Malware in sbrugna...

Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution

Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Title: Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Author: Peter Lapp Date: 2019-12-05 Vendor:...

Broadcom CA Privileged Access Manager 2.8.2 Remote Command Execution

Title: Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Author: Peter Lapp Date: 2019-12-05 Vendor: https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html CVE: CVE-2018-9021 an...

Xceedium Xsuite Multiple Vulnerabilities

Xceedium Xsuite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xceedium:xsuite";...

Xceedium Xsuite Remote Version Detection

Detection of installed version of Xceedium Xsuite. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Xceedium Xsuite Open Redirect Vulnerability

Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. An open redirection vulnerability exists in...

Xceedium Xsuite Command Injection Vulnerability

Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. A security vulnerability exists in Xceedium...

Xceedium Xsuite Hardcoded Credentials Vulnerability

Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. Xceedium Xsuite suffers from a hard-coded...

Xceedium Xsuite Cross-Site Scripting Vulnerability

Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. A cross-site scripting vulnerability exists in...

CVE-2015-4666

Directory traversal vulnerability in opm/readsessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// quadruple dot double slash in the logFile parameter...

CVE-2015-4665

Cross-site scripting XSS vulnerability in ajaxcmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter...

Directory traversal

Directory traversal vulnerability in opm/readsessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// quadruple dot double slash in the logFile parameter...

CVE-2015-4666

Directory traversal vulnerability in opm/readsessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// quadruple dot double slash in the logFile parameter...

CVE-2015-4665

Cross-site scripting XSS vulnerability in ajaxcmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter...

CVE-2015-4665

CVE-2015-4665 concerns a cross-site scripting (XSS) vulnerability in Xceedium Xsuite. The flaw resides in ajax_cmd.php, affecting Xsuite versions 2.4.4.1 and earlier, where a malicious value supplied via the fileName parameter can inject arbitrary script/HTML in a user’s browser. Public documenta...

CVE-2015-4666

CVE-2015-4666 affects Xceedium Xsuite 2.4.4.5 and earlier, exposing a directory-traversal flaw in the opm/read_sessionlog.php script. The vulnerability allows unauthenticated users to read arbitrary files via the logFile parameter using a quadruple dot and slash pattern (....//), potentially expo...

Xceedium Xsuite - Multiple Vulnerabilities

See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt --------------------------------------------------------------------- modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02 ---------------------------------------------------------------------...

Xceedium Xsuite - Multiple Vulnerabilities

Xceedium Xsuite - Multiple Vulnerabilities See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt --------------------------------------------------------------------- modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02...