Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Groupwise webaccess'
2007-08-27
CVE-2007-4557
CWE-79
Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2.
2006-12-31
CVE-2006-4220
CWE-79
Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novell GroupWise WebAccess before 7 Support Pack 3 Public Beta allow remote attackers to inject arbitrary web script or HTML via the (1) User.html, (2) Error, (3) User.Theme.index, and (4) and User.lang parameters.
2006-08-11
CVE-2006-3818
CWE-Other
Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter.
CVE-2006-3817
CWE-Other
Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence.
2005-07-26
CVE-2005-2276
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
2005-01-17
CVE-2005-0296
** DISPUTED ** NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue.
2001-08-14
CVE-2001-1233
CWE-Other
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
>>>
Vendor:
Novell
111
Produkty
Unixware
Http server
Web server
Suse linux
Netware
Groupwise
Netware client
Bordermanager
Client
Netware ftp server
Groupwise webaccess
Messenger
Web search
Netmail
Netmail xe
Emframe
Small business suite
Edirectory
Ichain
LEAP
Zenworks desktops
Imanager
Client firewall
Internet messaging system
Linux desktop
Nsure audit
Zenworks
Zenworks remote management
Zenworks server management
Zenworks servers
Open enterprise server
Zenworks patch management server
Groupwise messenger
Imonitor
Identity manager
Zenworks asset management
Apache http server
Access manager identity server
Access manager
Securelogin
Opensuse
Extend director
Modular authentication service
Client login extension (cle)
Zenworks endpoint security management
Opensuse swamp
Zenworks patch management update agent
Challenge response client
Novell client for windows
Apparmor
Iprint
Iprint client
Novell forum
Service desk
Zenworks desktop management
Identity manager roles based provisioning module
User application
Teaming
Netidentity client1.2.3
Suse linux enterprise server
Suse lifecycle management server
Zenworks configuration management
Moonlight
Zenworks handheld management
Vibe onprem
Zenworks configuration manager
Iprint open enterprise server
Opensuse build service
File reporter
Suse linux enterprise
Opensuse factory
Identity manager user application
Xtier framework
Data synchronizer
Mobility pack
File reporter engine
Suse studio onsite
Cloud manager
Iprint open enterprise server 2
Sentinel log manager
Suse audit log keeper
Zenworks mobile management
Kanaka
Suse linux enterprise desktop
Libzypp
Suse linux software development kit
Suse manager
Suse linux enterprise for sap applications
Suse cloud
Suse linux enterprise software development kit
Suse linux for vmware
Suse linux sdk
FILR
Suse linux enterprise module for legacy software
Suse manager proxy
Suse openstack cloud
Suse package hub for suse linux enterprise
Suse linux enterprise live patching
Suse linux enterprise module for public cloud
Suse linux enterprise workstation extension
Zobacz wszystkie produkty dla producenta
Novell
Copyright
2024
, cxsecurity.com
Back to Top