47 matches found
Security feature bypass
Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, via unknown vectors related to SOAP and XML requests...
CVE-2009-1055
Mode C: The vulnerability affects Sitecore CMS 5.3.1 rev. 071114 where the web service can disclose security databases and credentials to remote authenticated users via SOAP/XML requests. Root cause is unspecified in the public initial description, but connected Nessus/NVD entries confirm an info...
Project Server 2003 - Credential Disclosure
============================================================== Project Server 2003 - Credential Disclosure [email protected] ============================================================== Microsoft Project server 2003 implements a thick client for some of the functionality. The...
Design/Logic Flaw
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests...
CVE-2006-0230
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests...
CVE-2006-0230
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests...
Microsoft WebDAV XML DoS
Large number of attributes in requests causes resource exhaustion...