CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38131 – Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-38131
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenTextâ„¢ eDirectory 9.2.5.0000. • https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38132 – Possible External service interaction Vulnerability
https://notcve.org/view.php?id=CVE-2021-38132
Possible External Service Interaction attack in eDirectory has been discovered in OpenTextâ„¢ eDirectory. This impact all version before 9.2.6.0000. • https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38133 – Possible Improper authentication Vulnerability in OpenText eDirectory
https://notcve.org/view.php?id=CVE-2021-38133
Possible External Service Interaction attack in eDirectory has been discovered in OpenTextâ„¢ eDirectory. This impact all version before 9.2.6.0000. • https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html • CWE-521: Weak Password Requirements •
CVSS: 10.0EPSS: 0%CPEs: 43EXPL: 0CVE-2008-5092
https://notcve.org/view.php?id=CVE-2008-5092
Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. Desbordamiento de búfer basado en montículo en la pila del protocolo HTTP en Novell eDirectory (HTTPSTK) versiones anteriores a v8.8 SP3 tiene un impacto y vectores de ataque desconocidos relaciona a (1) cabeceras del lenguaje HTTP y (2) cabeceras "content-length" HTTP. • http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020786 http://www.vupen.com/english/advisories/2008/2462 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1552
https://notcve.org/view.php?id=CVE-2002-1552
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. • http://marc.info/?l=bugtraq&m=103712498905027&w=2 http://marc.info/?l=bugtraq&m=103712790808781&w=2 http://www.securityfocus.com/bid/6163 https://exchange.xforce.ibmcloud.com/vulnerabilities/10604 •