Show filters
15 Total Results
Displaying 11-15 of 15
Sort by:
Attacker Value
Unknown
CVE-2013-1094
Disclosure Date: June 17, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale.
0
Attacker Value
Unknown
CVE-2013-1093
Disclosure Date: June 17, 2013 (last updated October 05, 2023)
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter.
0
Attacker Value
Unknown
CVE-2013-1095
Disclosure Date: June 17, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.
0
Attacker Value
Unknown
CVE-2013-1097
Disclosure Date: June 17, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.
0
Attacker Value
Unknown
CVE-2013-1080
Disclosure Date: March 29, 2013 (last updated October 05, 2023)
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
0