Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

fatih kilic vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2010-3891
Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition prior to 9.1 allows remote malicious users to hijack the authentication of administrators for requests that add an administrative user via a sa...
Ibm Omnifind 8.4Ibm Omnifind 8.5Ibm Omnifind 8.0Ibm Omnifind
NA
CVE-2010-3895
esRunCommand in IBM OmniFind Enterprise Edition prior to 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
Ibm Omnifind 8.5Ibm OmnifindIbm Omnifind 8.0Ibm Omnifind 8.4
NA
CVE-2010-3899
IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with an unlimited recursion depth, which allows remote web servers to cause a denial of service (infinite loop) via a crafted series of documents.
Ibm Omnifind 8.0Ibm Omnifind 9.0
NA
CVE-2010-3893
The administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x does not restrict use of a session ID (aka SID) value to a single IP address, which allows remote malicious users to perform arbitrary administrative actions by leveraging cookie theft, related to a "...
Ibm Omnifind 8.0Ibm Omnifind 8.4Ibm Omnifind 9.1Ibm Omnifind 8.5Ibm Omnifind 9.0
NA
CVE-2010-3894
Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ESEncrypt function in /opt/IBM/es/lib/libffq.cryptionjni.so in the login form in the administration interface in IBM OmniFind Enterprise Edition prior to 8.5 FP6 allows remote malicious users to execute arbitra...
Ibm Omnifind 6.1Ibm Omnifind 8.4Ibm Omnifind 8.0Ibm Omnifind
NA
CVE-2010-3896
The ESSearchApplication directory tree in IBM OmniFind Enterprise Edition 8.x and 9.x does not require authentication, which allows remote malicious users to modify the server configuration via a request to palette.do.
Ibm Omnifind 8.0Ibm Omnifind 9.1Ibm Omnifind 8.4Ibm Omnifind 8.5Ibm Omnifind 9.0
NA
CVE-2010-4236
Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition prior to 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight progr...
Ibm Omnifind 8.0Ibm Omnifind 8.5Ibm OmnifindIbm Omnifind 8.4Ibm Omnifind 6.1
NA
CVE-2010-3890
Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise Edition prior to 9.1 allows remote malicious users to inject arbitrary web script or HTML via the command parameter to the administration interface, as demonstrated by the command parameter to ESAdmin/collection....
Ibm Omnifind 8.5Ibm OmnifindIbm Omnifind 8.0Ibm Omnifind 8.4
NA
CVE-2010-3892
Session fixation vulnerability in the login form in the administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x allows remote malicious users to hijack web sessions by replaying a session ID (aka SID) value.
Ibm Omnifind 8.0Ibm Omnifind 8.4Ibm Omnifind 8.5Ibm Omnifind 9.0Ibm Omnifind 9.1
NA
CVE-2010-3897
ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x includes the administrator password in the HTML source code, which might allow remote malicious users to obtain sensitive information by leveraging read access to this file.
Ibm Omnifind 9.0Ibm Omnifind 9.1Ibm Omnifind 8.4Ibm Omnifind 8.5Ibm Omnifind 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook