Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Date published : 2014-06-30...
Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie. Date published : 2014-06-30 http://archives.neohapsis.com/archives/bugtraq/2014-06/0168.html http://www.securityfocus.com/archive/1/533077/100/0/threaded
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to...
SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] field. Date published : 2014-06-28 http://piwigo.org/bugs/changelog_page.php http://piwigo.org/bugs/view.php?id=3089
Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure." Date published : 2014-06-28 http://piwigo.org/forum/viewtopic.php?id=24009 http://piwigo.org/releases/2.6.3
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via...
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information...
Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to bypass intended access restrictions via unknown vectors. Date published : 2014-06-27 http://www-01.ibm.com/support/docview.wss?uid=swg21676990
SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Date published : 2014-06-27 http://www-01.ibm.com/support/docview.wss?uid=swg21676688 https://exchange.xforce.ibmcloud.com/vulnerabilities/88561
Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Date published : 2014-06-27 http://www-01.ibm.com/support/docview.wss?uid=swg21676688 https://exchange.xforce.ibmcloud.com/vulnerabilities/88560
IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection. Date published : 2014-06-27 http://www-01.ibm.com/support/docview.wss?uid=swg21676688 https://exchange.xforce.ibmcloud.com/vulnerabilities/88559
IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection. Date published : 2014-06-27 http://www-01.ibm.com/support/docview.wss?uid=swg21676688 https://exchange.xforce.ibmcloud.com/vulnerabilities/88558
Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to hijack the authentication of arbitrary users. Date published : 2014-06-27 http://jvn.jp/en/jp/JVN80006084/995199/index.html http://jvn.jp/en/jp/JVN36259412/index.html
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field, related to...