Lucene search
CVE-2013-1080
The web server in Novell ZCM 10.3 and 11.2 before 11.2.4 allows directory traversal attacks via TCP port 443
Show more
| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
 | Novell ZENworks Control Center File Upload Remote Code Execution Vulnerability | 22 Mar 201300:00 | – | zdi |
 | Novell ZENworks Configuration Management Remote Execution | 30 Mar 201318:35 | – | metasploit |
 | Novell ZENworks Configuration Management Remote Execution | 2 Apr 201300:00 | – | zdt |
 | Novell ZENworks Configuration Management Remote Execution | 2 Apr 201300:00 | – | packetstorm |
 | Novell ZENworks Control Center File Upload Remote Code Execution | 28 Mar 201300:00 | – | nessus |
| Novell ZENworks Control Center File Upload Remote Code Execution (intrusive check) | 18 Jun 201300:00 | – | nessus |
 | Novell ZENworks Configuration Management 11 SP2 File Upload | 30 Apr 201300:00 | – | dsquare |
 | CVE-2013-1080 | 29 Mar 201310:00 | – | cvelist |
 | CVE-2013-1080 | 29 Mar 201316:09 | – | nvd |
 | Novell ZENworks Control Center file upload vulnerability | 3 May 201300:00 | – | saint |
10
Node
| Source | Link |
|---|---|
| novell | www.novell.com/support/kb/doc.php |
| novell | www.novell.com/support/kb/doc.php |
| zerodayinitiative | www.zerodayinitiative.com/advisories/ZDI-13-049/ |
| exploit-db | www.exploit-db.com/exploits/24938 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| mainPage:_ctrl21a:FindFile:filePathTextBox | request body | /zenworks/jsp/index.jsp?pageid=newDocumentWizard | Allows unauthenticated file upload leading to arbitrary code execution due to insufficient authentication. | CWE-287 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo29 Mar 2013 16:09Current
7.5High risk
Vulners AI Score7.5
CVSS210
EPSS0.72916