Lucene search
K

6 matches found

NVD
NVD
added 2002/06/18 4:0 a.m.10 views

CVE-2002-0582

WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory...

5CVSS6.5AI score0.01601EPSS
Exploits0References3
NVD
NVD
added 2002/06/18 4:0 a.m.11 views

CVE-2002-0583

WorkforceROI Xpede 4.1 uses a small random namespace 5 alphanumeric characters for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack...

5CVSS6.5AI score0.01601EPSS
Exploits0References3
CVE
CVE
added 2002/06/11 4:0 a.m.41 views

CVE-2002-0582

CVE-2002-0582 affects WorkforceROI Xpede 4.1. The vulnerability stems from storing temporary expense claim reports in a world-readable and indexable /reports/temp directory, enabling remote readers to access the reports. The NVD entry lists a CVSS v2 base score of 5.0 (Medium) with network attack...

5CVSS7AI score0.01601EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2002/06/11 4:0 a.m.41 views

CVE-2002-0584

The CVE-2002-0584 entry concerns WorkforceROI Xpede 4.1. The vulnerability allows remote attackers to read user timesheets by tampering with the TSN ID parameter in the ts_app_process.asp script. The TSN ID is easily guessable because it is incremented by 1 for each new timesheet, enabling an att...

5CVSS7AI score0.01772EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2002/06/11 4:0 a.m.39 views

CVE-2002-0486

Affected: Intellisol Xpede 4.1. The CVE-2002-0486 entry describes that the product stores authentication information in cookies using weak encryption, enabling local access to cookies to escalate privileges. Root cause: weak encryption used for cookie-stored credentials. Impact: according to NVD ...

7.2CVSS6.9AI score0.00792EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2002/06/11 4:0 a.m.39 views

CVE-2002-0583

CVE-2002-0583 affects WorkforceROI Xpede 4.1. The vulnerability stems from using a small random namespace (5 alphanumeric chars) for temporary expense claim reports stored under /reports/temp, enabling remote attackers to read these reports through brute-force access. Impact described as confiden...

5CVSS6.9AI score0.01601EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder