86 matches found
SAP HANA Sinopia - default user creation policy insecure
Application: SAP HANA Versions Affected: SAP HANA SPS12 Vendor URL: SAP Bug: Insecure default configuration Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2407694 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class:...
Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit) Exploit
Exploit for hardware platform in category remote exploits Exploit Title: Eir D1000 Wireless Router - WAN Side Remote Command Injection Date: 7th November 2016 Exploit Author: Kenzo Website: https://devicereversing.wordpress.com Tested on Firmware version: 2.00AADU.520150909 Type: Webapps Platform...
Wordpress ajax-random-post plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL servers to set up a personal blog site . xx is one of the use of Ajax to get the posts of the plugin . A cross-site scripting vulnerability exists in...
CVE-2015-2135
Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62a, 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors...
Openannuaire Openmairie Annuaire 2.00 (RFI/LFI) Multiple File Include Vulnerability
No description provided by source. =================================================================================== Openannuaire Openmairie Annuaire 2.00 RFI/LFI Multiple File Include Vulnerability =================================================================================== + Openannuai...
Openfoncier 2.00 (RFI/LFI) Multiple File Include Vulnerability
No description provided by source. ============================================================== Openfoncier 2.00 RFI/LFI Multiple File Include Vulnerability ============================================================== + Openfoncier 2.00 RFI/LFI Multiple File Include Vulnerability...
Design/Logic Flaw
ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...
CVE-2013-7069
ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...
D-Link DIR-605 - Cross-Site Request Forgery
D-Link DIR-605 - Cross-Site Request Forgery Exploit Title: D-Link DIR-605 CSRF Vulnerability Date: 20-03-2012 Author: iqzer0++ Version: Firmware Version : 2.00 Tested on: DIR-605 This allows unauthroized access to the device and post injections document.bypass.submit;...
D-Link DIR-605 CSRF Vulnerability
Exploit for hardware platform in category web applications Exploit Title: D-Link DIR-605 CSRF Vulnerability Date: 20-03-2012 Author: iqzer0++ Version: Firmware Version : 2.00 Tested on: DIR-605 This allows unauthroized access to the device and post injections document.bypass.submit; 0day.today...
D-Link DIR-605 Cross Site Request Forgery
Exploit Title: D-Link DIR-605 CSRF Vulnerability Date: 20-03-2012 Author: iqzer0++ Version: Firmware Version : 2.00 Tested on: DIR-605 This allows unauthroized access to the device and post injections document.bypass.submit;...
D-Link DIR-605 - Cross-Site Request Forgery
Exploit Title: D-Link DIR-605 CSRF Vulnerability Date: 20-03-2012 Author: iqzer0++ Version: Firmware Version : 2.00 Tested on: DIR-605 This allows unauthroized access to the device and post injections document.bypass.submit;...
PHPFood CMS 2.00 SQL Injection
PhpFood CMS restaurant.php?id= SQL Injection Vulnerability Author : kaMtiEz [email protected] / / Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id Date : 3 July, 2011 Software Information + Vendor : http://www.phpfood.com/ + Download :...
D-Link WBR-1310 - Authentication Bypass
D-Link WBR-1310 - Authentication Bypass Exploit Title: D-Link WBR-1310 Authentication Bypass Vulnerability Shodan Dork: Embedded HTTP Server 2.00 Date: 22-Dec-2010 Author: Craig Heffner, /dev/ttyS0 Software Link: http://www.dlink.com/products/?pid=474 Version: 2.00 Tested on: WBR-1301, firmware...
D-Link WBR-1310 - Authentication Bypass
Exploit Title: D-Link WBR-1310 Authentication Bypass Vulnerability Shodan Dork: Embedded HTTP Server 2.00 Date: 22-Dec-2010 Author: Craig Heffner, /dev/ttyS0 Software Link: http://www.dlink.com/products/?pid=474 Version: 2.00 Tested on: WBR-1301, firmware version 2.00 The CGI scripts in the D-Lin...
CVE-2010-2718
CruxPA 2.00 (CruxSoftware) is affected by CVE-2010-2718 due to input sanitation failures that enable cross-site scripting. The vulnerabilities are triggered via: (1) txtusername in login.php, (2) todo in newtodo.php, and unspecified vectors in (3) newtelephone.php and (4) newappointment.php. Open...
XSS vulnerability in CruxPA
Vulnerability ID: HTB22449 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
CVE-2010-1945
Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 action.class.php, 2 architecte.class.php, 3 avis.class.php, 4 bible.class.php, and 5...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 action.class.php, 2 architecte.class.php, 3 avis.class.php, 4 bible.class.php, and 5...
CVE-2010-1945
Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 action.class.php, 2 architecte.class.php, 3 avis.class.php, 4 bible.class.php, and 5...