Showing 1 - 2 of 2

Files from SEC Consult

SA-20051223-1.txt: Posted Dec 29, 2005; Authored by SEC Consult | Site sec-consult.com; SEC Consult Security Advisory 20051223-1 - It is possible to read arbitrary files of the system such as the WEB-INF directory through the OracleAS discussion forum portlet. An attacker needs to know the file names.; tags | advisory, web, arbitrary; SHA-256 | 775697c50859caa89bbb921a8a51d9bd892979eb7a28b8ba315d443a6c2d066a; Download | Favorite | View

SA-20051223-0.txt: Posted Dec 29, 2005; Authored by SEC Consult | Site sec-consult.com; SEC Consult Security Advisory 20051223-0 - OracleAS Discussion Forum Portlet suffers from multiple Cross Site Scripting vulnerabilities. E.g. it is possible to create relogin trojans, steal session cookies, alter the content of the site or hide articles which don't show up in the overview page.; tags | advisory, trojan, vulnerability, xss; SHA-256 | d04346051912499b9c28f07d881f6390328e316d05d29a873a9d1b5b4f88b1a6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days