Search
Search Results (17 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25675 | 3 Arcasolutions, Edirectory, Microfocus | 3 Edirectory, Edirectory, Edirectory | 2026-07-15 | 8.2 High |
| eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server. | ||||
| CVE-2012-0428 | 1 Microfocus | 1 Edirectory | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0429 | 1 Microfocus | 1 Edirectory | 2025-04-11 | N/A |
| dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. | ||||
| CVE-2012-0432 | 1 Microfocus | 1 Edirectory | 2025-04-11 | N/A |
| Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. | ||||
| CVE-2012-0430 | 1 Microfocus | 1 Edirectory | 2025-04-11 | N/A |
| Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. | ||||
| CVE-2018-7692 | 1 Microfocus | 1 Edirectory | 2024-11-21 | N/A |
| Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | ||||
| CVE-2018-7686 | 1 Microfocus | 1 Edirectory | 2024-11-21 | N/A |
| Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. | ||||
| CVE-2018-17952 | 1 Microfocus | 1 Edirectory | 2024-11-21 | N/A |
| Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 | ||||
| CVE-2018-17950 | 1 Microfocus | 1 Edirectory | 2024-11-21 | N/A |
| Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2 | ||||
| CVE-2017-9285 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-11-21 | N/A |
| NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. | ||||
| CVE-2017-7429 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-11-21 | N/A |
| The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. | ||||
| CVE-2021-22503 | 1 Microfocus | 1 Edirectory | 2024-09-19 | 5.4 Medium |
| Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. | ||||
| CVE-2021-22533 | 2 Microfocus, Opentext | 2 Edirectory, Edirectory | 2024-09-19 | 6.5 Medium |
| Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. | ||||
| CVE-2021-22532 | 1 Microfocus | 1 Edirectory | 2024-09-19 | 7.6 High |
| Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000. | ||||
| CVE-2021-38133 | 1 Microfocus | 1 Edirectory | 2024-09-18 | 7.4 High |
| Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | ||||
| CVE-2021-38132 | 2 Microfocus, Opentext | 2 Edirectory, Edirectory | 2024-09-18 | 5.3 Medium |
| Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | ||||
| CVE-2021-38131 | 1 Microfocus | 1 Edirectory | 2024-09-18 | 5.4 Medium |
| Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. | ||||
Page 1 of 1.