[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31193 Download | Alert*

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scriptin ...

The host is installed with Cacti 1.2.19 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows attackers to bypass Cacti authentication with certain credential types under certain ldap conditions.

The host is installed with Cacti 1.2.22 and earlier and is prone to a command injection vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows an unauthenticated user to execute arbitrary code on a server running Cacti.

The host is installed with Winlogbeat before 5.6.16 or 6.0.x before 6.6.2 and is prone to an insufficient logging vulnerability. A flaw is present in the application, which fails to properly handle issues in unspecified vectors. Successful exploitation could allow an attacker to inject certain characters into a log entry could prevent Winlogbeat from recording the event.

The host is installed with Atlassian Jira Server version 7.4.0 before version 8.4.0 and is prone to a cross site request forgery. A flaw is present in the application which fails to properly handle the Webwork action. Successful exploitation could allow attackers to to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.

Use of Cache Containing Sensitive Information in Atlassian Jira Server version 7.13.0 before version 8.4.0. A flaw is present in the application which fails to properly handle the AccessLogFilter class. Successful exploitation could allow attackers to learn details about other users, including their username.

The host is installed with Atlassian Jira Server version 7.12.0 before version 7.13.7, from version 8.0.0 before version 8.3.3 and is prone to a cross site scripting vulnerability. A flaw is present in the application which fails to properly handle the FilterPickerPopup.jspa resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.4.0 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/1.0/render resource. Successful exploitation could allow attackers to determine if an attachment with a specific name exists and if an issue key is valid.

The host is installed with Atlassian Jira Server version 7.13.0 before version 8.3.2 and is prone to a cross site request forgery vulnerability. A flaw is present in the application which fails to properly handle the ServiceExecutor resource. Successful exploitation could allow attackers to trigger the creation of export files.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.3.2 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/issueNav/1/issueTable resource. Successful exploitation could allow attackers to enumerate usernames.


Pages:      Start    1995    1996    1997    1998    1999    2000    2001    2002    2003    2004    2005    2006    2007    2008    ..   3119

© SecPod Technologies