Fortigate firewall pre 2.50 maintenance release 4 allows a remote attacker to inject hostile code into an administrative interface. This vulnerability, used in conjunction with the fact that the username and MD5 hash of the user's password are stored in a cookie, allows a remote attacker to trick an administrator into giving up their credentials.
10520ea52ac2e94c5e4b69055bcaa957dce33e5e0594b94759fc3b4eefda58aaFortigate firewall pre 2.50 maintenance release 4 has multiple vulnerabilities that allow a remote attacker to gain a username and password of the system.
95f4fdeaee40230c69c9cea9ca94971a53173dfd647a8898779d5907ae087821Shopfactory e-commerce application, which is used by over 40,000 Internet sites, allows alteration of order details. Data relational to end user input is stored in cookies, including the price of the items someone may be buying, which in turn allows them to alter the prices they pay. Versions affected: 5.8 and below.
25afdbad685f47b8762bafb6307e4c2348efc20108303d1e37397ab66181e0ac
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed