Lucene search
K
ObmOpen Business Management

5 matches found

CVE
CVE
added 2012/08/31 9:0 p.m.48 views

CVE-2011-5144

Open Business Management (OBM) server vulnerability CVE-2011-5144 affects OBM 2.4.0-rc13 and earlier. A direct request to test.php triggers phpinfo(), allowing remote attackers to obtain configuration information, i.e., partial disclosure of sensitive data. This is a server-side information discl...

5CVSS6.5AI score0.01489EPSS
CVE
CVE
added 2012/08/31 9:0 p.m.47 views

CVE-2011-5142

Open Business Management (OBM) 2.4.0-rc13 and possibly earlier versions are affected by multiple XSS vulnerabilities. The issue allows remote attackers to inject arbitrary web script or HTML via several parameters in OBM’s web interfaces: tf_delegation, tf_ip, and tf_name in search action to host...

4.3CVSS5.9AI score0.01208EPSS
Web
CVE
CVE
added 2012/08/31 9:0 p.m.47 views

CVE-2011-5145

Open Business Management (OBM)

5.5CVSS8.3AI score0.01166EPSS
Web
CVE
CVE
added 2012/08/31 9:0 p.m.40 views

CVE-2011-5143

CVE-2011-5143 — Multiple XSS vulnerabilities in Open Business Management (OBM) 2.3.20 and earlier allow remote attackers to inject arbitrary script/HTML via index.php parameters tf_name, tf_delegation, and tf_ip. The OpenVAS entry for Open Business Management

4.3CVSS5.7AI score0.00942EPSS
CVE
CVE
added 2012/08/31 9:0 p.m.37 views

CVE-2011-5141

Open Business Management (OBM) vulnerable in versions up to 2.4.0-rc13 due to a directory traversal in exportcsv/exportcsv_index.php. Remote authenticated users can abuse a .. in the module parameter within an export_page action to include and execute arbitrary local files. Affected component: OB...

6CVSS6.9AI score0.01296EPSS
Web