Lucene search
K

47 matches found

Prion
Prion
added 2009/03/24 2:30 p.m.16 views

Security feature bypass

Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, via unknown vectors related to SOAP and XML requests...

4CVSS7AI score0.01152EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2009/03/24 2:0 p.m.46 views

CVE-2009-1055

Mode C: The vulnerability affects Sitecore CMS 5.3.1 rev. 071114 where the web service can disclose security databases and credentials to remote authenticated users via SOAP/XML requests. Root cause is unspecified in the public initial description, but connected Nessus/NVD entries confirm an info...

4CVSS6.7AI score0.01152EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2006/12/15 12:0 a.m.53 views

Project Server 2003 - Credential Disclosure

============================================================== Project Server 2003 - Credential Disclosure [email protected] ============================================================== Microsoft Project server 2003 implements a thick client for some of the functionality. The...

0.4AI score
Exploits0
Prion
Prion
added 2006/04/25 1:2 a.m.15 views

Design/Logic Flaw

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests...

10CVSS7.5AI score0.16109EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2006/04/25 1:2 a.m.23 views

CVE-2006-0230

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests...

10CVSS6.9AI score0.16109EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/04/25 1:0 a.m.22 views

CVE-2006-0230

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests...

6.9AI score0.16109EPSS
Exploits1References9
securityvulns
securityvulns
added 2004/10/13 12:0 a.m.268 views

Microsoft WebDAV XML DoS

Large number of attributes in requests causes resource exhaustion...

1.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder