Lucene search

K

MicrofocusCVELIST:CVE-2016-1595

HistoryApr 22, 2016 - 10:00 a.m.

CVE-2016-1595

2016-04-2210:00:00

microfocus

www.cve.org

6

AI Score

6.4

Confidence

High

EPSS

0.004

Percentile

74.3%

LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.

References

www.securityfocus.com/archive/1/538043/100/0/threaded

packetstormsecurity.com/files/136646

raw.githubusercontent.com/pedrib/PoC/master/advisories/novell-service-desk-7.1.0.txt

www.exploit-db.com/exploits/39687/

www.novell.com/support/kb/doc.php?id=7017430

AI Score

6.4

Confidence

High

EPSS

0.004

Percentile

74.3%

Related for CVELIST:CVE-2016-1595

cve1 nvd1 prion1 zdt1 packetstorm1 openvas1 exploitdb1