Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in t ...
Continue Reading01 февраля, 2024
The suds project is a python soap web services client lib. Suds leverages python meta programming to provide an intuitive API for consuming web services. Objectification of types defined in the WSDL i ...
Continue Reading29 января, 2024
The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL...Read More ...
Continue Reading29 января, 2024
SQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote attacker to execute arbitrary code via a crafted request to the Common.svc WSDL...Read More ...
Continue Reading22 января, 2024
The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL...Read More ...
Continue Reading21 декабря, 2023
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or condu ...
Continue Reading14 декабря, 2023
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or condu ...
Continue Reading14 декабря, 2023
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a director ...
Continue Reading15 августа, 2023
Back to Main