Xsuite <=2.4.4.5 - Open Redirect

Xsuite 2.4.4.5 and prior contains an open redirect vulnerability, which can allow a remote attacker to redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the redirurl parameter. id: CVE-2015-4668 info: name: Xsuite =2.4.4.5 - Open Redirect author: 0xAkoko...

Xceedium Xsuite <=2.4.4.5 - Local File Inclusion

Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/readsessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter. id: CVE-2015-4666 info: name: Xceedium Xsuite =2.4.4.5 - Local File Inclusion author: 0xAkoko severity: medium...

EUVD-2015-4684

Malware in sbrugna...

EUVD-2015-4687

Malware in sbrugna...

EUVD-2015-4688

Malware in sbrugna...

CVE-2015-4668

Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter...

Open redirect

Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter...

CVE-2015-4667

Multiple hardcoded credentials in Xsuite 2.x...

Hardcoded credentials

Multiple hardcoded credentials in Xsuite 2.x...

CVE-2015-4669

The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system...

Information disclosure

The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system...

CVE-2015-4668

Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter...

CVE-2015-4668

CVE-2015-4668 describes an open redirect in Xsuite 2.4.4.5 and earlier, exploitable via a malicious redirurl parameter to redirect users to arbitrary sites and enable phishing. The NVD entry and multiple connected sources confirm the affected product as Xsuite, with the component/entry point bein...

CVE-2015-4667

Multiple hardcoded credentials in Xsuite 2.x...

CVE-2015-4667

CVE-2015-4667 affects Xceedium Xsuite 2.x (notably versions 2.3.0 and 2.4.3.0). The connected documents describe multiple hardcoded credentials vulnerabilities, including a hard-coded database password (n1b2dy) and broader issues in Xsuite 2.x that enable remote/ local access. Additional related ...

CVE-2015-4669

The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system...

CVE-2015-4669

The CVE-2015-4669 entry pertains to Xceedium Xsuite 2.x where the MySQL root user has no password set, allowing Local access to the databases. The connected documents corroborate that this vulnerability enables local users to access databases and, in combination with other issues (e.g., command i...

Xceedium Xsuite Multiple Vulnerabilities

Xceedium Xsuite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xceedium:xsuite";...

Xceedium Xsuite Remote Version Detection

Detection of installed version of Xceedium Xsuite. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Xceedium Xsuite Hardcoded Credentials Vulnerability

Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. Xceedium Xsuite suffers from a hard-coded...