CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2002-0502 – Citrix Nfuse 1.6 - Published Applications Information Leak
https://notcve.org/view.php?id=CVE-2002-0502
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. • https://www.exploit-db.com/exploits/21235 http://www.securityfocus.com/archive/1/251737 http://www.securityfocus.com/archive/1/251923 http://www.securityfocus.com/bid/3926 https://exchange.xforce.ibmcloud.com/vulnerabilities/7984 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0503
https://notcve.org/view.php?id=CVE-2002-0503
Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter. Vulnerabilidad de atravesamiento de directorios en boilerplate.asp para Citrix NFuse 1.5 permite a usuarios identificados remotamente leer ficheros mediante un .. (punto punto) en el parámetro NFuse_Template. • http://archives.neohapsis.com/archives/bugtraq/2002-03/0343.html http://www.iss.net/security_center/static/8654.php http://www.securityfocus.com/bid/4382 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 4CVE-2002-0504 – Citrix NFuse 1.51/1.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0504
Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp. Vulnerabilidad de secuencias de comandos de sitios cruzados (cross-site scripting) en Citrix NFuse 1.6 y anteriores no pone entre comillas a los resultados del método getLastError, lo que permite a atacantes remotos ejecutar comandos en otros clientes mediante el parámetro NFuse_Application para lanzar launch.jsp o launch.asp. • https://www.exploit-db.com/exploits/21355 http://archives.neohapsis.com/archives/bugtraq/2002-03/0334.html http://www.iss.net/security_center/static/8659.php http://www.securityfocus.com/bid/4372 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0301
https://notcve.org/view.php?id=CVE-2002-0301
Citrix NFuse 1.6 allows remote attackers to bypass authentication and obtain sensitive information by directly calling launch.asp with invalid NFUSE_USER and NFUSE_PASSWORD parameters. Citrix NFuse 1.6 permite a atacantes remotos sortear la autenticación y obtener información sensible llamando directamente a launch.asp con parámetros NFUSE_USER y NFUSE_PASSWORD inválidos. • http://marc.info/?l=bugtraq&m=101424947801895&w=2 http://www.securityfocus.com/bid/4142 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1192
https://notcve.org/view.php?id=CVE-2001-1192
Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. El cliente Citrix Independent Computing Architecture (ICA) para Windows 6.1 permite a sitios web remotos con intenciones maliciosas, la ejecución de código arbitrario mediante un fichero .ICA, que es descargado y automáticamente ejecutado por el cliente. • http://www.securityfocus.com/archive/1/245342 http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3688 https://exchange.xforce.ibmcloud.com/vulnerabilities/7697 •