Lucene search
K
CitrixNfuse

6 matches found

CVE
CVE
added 2005/12/03 7:0 p.m.54 views

CVE-2005-3971

CVE-2005-3971 affects Citrix MetaFrame Secure Access Manager 2.0–2.2 and NFuse Elite 1.0. It is a cross-site scripting (XSS) vulnerability in the login form that allows remote attackers to inject arbitrary web script or HTML via the username field. The connected sources document this vulnerabilit...

4.3CVSS5.9AI score0.01405EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.53 views

CVE-2001-0760

Citrix Nfuse 1.51 is affected: a malformed request to launch.asp that omits the session field can disclose the absolute path of the web root to remote attackers, enabling partial disclosure of server information. No remediation or exploitation details are provided in the connected documents.

5CVSS7AI score0.03605EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.52 views

CVE-2002-0502

CVE-2002-0502 affects Citrix NFuse 1.6. Affected component: applist.asp handling within NFuse, enabling remote attackers to list available applications without authentication. Root cause is improper access control on the applist.asp endpoint, leading to potential information disclosure. CVSS metr...

5CVSS7.3AI score0.03587EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.52 views

CVE-2002-0504

CVE-2002-0504 describes a remote cross-site scripting flaw in Citrix NFuse 1.6 and earlier where results from getLastError are not quoted, allowing an attacker to inject script via the NFuse_Application parameter to launch.jsp or launch.asp. The CVSS v2 base metrics are provided (AV:N/AC:L/Au:N/C...

7.5CVSS6.6AI score0.07944EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.51 views

CVE-2002-0301

Citrix NFuse 1.6 is affected: authentication can be bypassed by directly calling launch.asp using invalid NFUSE_USER and NFUSE_PASSWORD parameters, enabling access to sensitive information (partial confidentiality). Root cause: flawed authentication check visible in launch.asp handling of those p...

5CVSS7AI score0.02038EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.48 views

CVE-2002-0503

CVE-2002-0503 corresponds to a directory traversal vulnerability in Citrix NFuse 1.5 , affecting the internal file ** boilerplate.asp**. The issue allows remote authenticated users to read arbitrary files via a double-dot sequence in the NFuse_Template parameter. The publicly available details (N...

5CVSS6.6AI score0.02471EPSS