CVE-2020-24627

A remote stored xss vulnerability was discovered in HPE KVM IP Console Switches versions: G2 4x1Ex32 Prior to 2.8.3...

CVE-2020-24628

A remote code injection vulnerability was discovered in HPE KVM IP Console Switches versions: G2 4x1Ex32 Prior to 2.8.3...

OpenVPN Access Server Denial of Service Vulnerability

OpenVPN is a software package from the American company OpenVPN for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...

PT-2019-11640

Name of the Vulnerable Software and Affected Versions: ansible versions 2.8.0 through 2.8.3 Description: A flaw was found in the way sensitive data is handled. Fields managing sensitive data should be set as such by the no log feature. However, some fields in GCP modules are not set properly. The...

[SECURITY] Fedora 28 Update: cobbler-2.8.3-2.fc28

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. There is also a web interface 'cobbler-web'. Cobbler's advanced features include importing...

Piwigo cross-site scripting vulnerability (CNVD-2017-30482)

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A cross-site scripting vulnerability exists in versions prior to Piwigo 2.8.3. A remote attacker can exploit this...

Piwigo Access Restriction Bypass Vulnerability

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time, and more. An access restriction bypass vulnerability exists in the urlcheckformat in the include/functions.inc.php file in version...

ClipBucket 2.8.3 - Remote Code Execution

Exploit Title: ClipBucket PHP Script Remote Code Execution RCE Date: 2017-10-04 Exploit Author: Esecurity.ir Vendor Homepage: https://clipbucket.com/ Version: 2.8.3 Exploit Code By : Meisam Monsef - Email : [email protected] - TelgramID : @meisamrce Usage Exploit : exploit.py...

ClipBucket 2.8.3 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: ClipBucket PHP Script Remote Code Execution RCE Date: 2017-10-04 Exploit Author: Esecurity.ir Vendor Homepage: https://clipbucket.com/ Version: 2.8.3 Exploit Code By : Meisam Monsef - Email : email protected - TelgramID :...

ClipBucket 2.8.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15,...

ClipBucket 2.8.3 - Multiple Vulnerabilities

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...

PT-2017-8338 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp versions prior to 2.8.3 Description: The issue allows local users to leak keys or write to arbitrary files via a symlink attack, specifically targeting the pulp-gen-nodes-certificate script in Pulp. Recommendations: For versions prior to...

PT-2017-8337 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp versions prior to 2.8.3 Description: The issue concerns a world-readable file containing the private key for the Node certificate, stored in the "/etc/pki/pulp/nodes/" directory. This allows local users to access sensitive data,...

PT-2017-8341 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp versions prior to 2.8.3 Description: The issue allows remote authenticated users to obtain consumer private keys and escalate privileges. This is due to the world-readable writing of consumer private keys to...

CVE-2016-3106

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner...

Information disclosure

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner...

CVE-2016-3106

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner...

CVE-2016-10085

admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter...

CVE-2016-10084

admin/batchmanager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page'tab' variable aka the mode parameter...

CVE-2016-10085

admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter...