Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to Tomcat’s access file. If the query parameters are used to provide authentication, i.e. credentials, then they will be logged as ...
CVE-2011-5018 (PUBLISHED: 2020-01-08): Koala Framework before 2011-11-21 has XSS via the request_uri parameter.
CVE-2011-5247 (PUBLISHED: 2020-01-08): Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.
CVE-2011-5250 (PUBLISHED: 2020-01-08): Snare for Linux before 1.7.0 has CSRF in the web interface.
CVE-2011-5266 (PUBLISHED: 2020-01-08): Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.