2 matches found
[PT-2011-23] Database information disclosure in GLPI
---------------------------------------------------------------------- PT-2011-23 Positive Technologies Security Advisory Database information disclosure in GLPI ---------------------------------------------------------------------- --- Vulnerable software GLPI Version 0.80.1 and earlier...
PT-2011-20: Authorization bypass vulnerability in OneOrZero AIMS
Positive Research Center has discovered authorization bypass vulnerability in OneOrZero AIMS. Vulnerability exists due incorrect logic of authorization using $COOKIE variables - predictable session value, stored in $COOKIE'oozimsrememberme' variable. Attacker, have valid username which registered...