CVE-2016-5662 (kiteworks_appliance)
Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors.
[월:] 2016년 08월
CVE-2016-5662
CVE-2016-5662
Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors.
Source: CVE-2016-5662
CVE-2016-5050 (readydesk)
CVE-2016-5050 (readydesk)
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file.
Source: CVE-2016-5050 (readydesk)
CVE-2016-5050
CVE-2016-5050
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file.
Source: CVE-2016-5050
CVE-2016-5049 (readydesk)
CVE-2016-5049 (readydesk)
Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in the FNAME parameter.
Source: CVE-2016-5049 (readydesk)
CVE-2016-5049
CVE-2016-5049
Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in the FNAME parameter.
Source: CVE-2016-5049
CVE-2016-5048 (readydesk)
CVE-2016-5048 (readydesk)
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field.
Source: CVE-2016-5048 (readydesk)
CVE-2016-5048
CVE-2016-5048
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field.
Source: CVE-2016-5048
CVE-2016-4378 (xp_9000_command_view, xp7_command_view)
CVE-2016-4378 (xp_9000_command_view, xp7_command_view)
The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors.
Source: CVE-2016-4378 (xp_9000_command_view, xp7_command_view)
CVE-2016-4378
CVE-2016-4378
The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors.
Source: CVE-2016-4378