Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before...
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, R6220 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before...
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26,...
Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26,...
An issue was discovered in DAViCal Andrew’s Web Libraries (AWL) through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful. Date...
An issue was discovered in DAViCal Andrew’s Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can...
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157276/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. Date published : 2020-04-15 http://seclists.org/fulldisclosure/2020/Apr/24 http://packetstormsecurity.com/files/157276/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html