Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
VignetteContent Suite

4 matches found

CVE
CVEadded 2003/06/30 4:0 a.m.54 views

CVE-2003-0401

Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template.

5CVSS6.6AI score0.00901EPSS
CVE
CVEadded 2003/06/30 4:0 a.m.42 views

CVE-2003-0400

Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports.

5CVSS6.9AI score0.02427EPSS
CVE
CVEadded 2003/06/30 4:0 a.m.41 views

CVE-2003-0402

The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks.

5CVSS6.7AI score0.00741EPSS
CVE
CVEadded 2003/06/30 4:0 a.m.41 views

CVE-2003-0405

Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command.

5CVSS7.6AI score0.00886EPSS