28 matches found
CVE-2026-28995
creationtimestamp| type| source ---|---|--- 2026-05-12 10:21:51+00:00| seen| https://www.thezdi.com/blog/2026/5/12/the-apple-macos-security-update-review 2026-05-12 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities20260513 2026-05-26...
CVE-2025-28995
Missing Authorization vulnerability in viralloops Viral Loops WP Integration viral-loops-wp-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Loops WP Integration: from n/a through = 3.8.1...
CVE-2025-28995 WordPress Viral Loops WP Integration plugin <= 3.8.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in viralloops Viral Loops WP Integration viral-loops-wp-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Loops WP Integration: from n/a through = 3.8.1...
CVE-2025-28995
CVE-2025-28995 applies to Viral Loops WP Integration (WordPress plugin). The issue is described as a Missing Authorization vulnerability due to misconfigured access control levels, affecting Viral Loops WP Integration versions up to 3.8.1 (no fixed version specified in the provided documents). CV...
WordPress Viral Loops WP Integration plugin <= 3.8.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by ch4r0n in WordPress Plugin Viral Loops WP Integration versions = 3.8.1...
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Exploit Title: SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal Date: 2025-05-28 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.solarwinds.com/serv-u-managed-file-transfer-server Software Link:...
CVE-2022-28995
Rengine v1.0.2 was discovered to contain a remote code execution RCE vulnerability via the yaml configuration function...
SolarWinds Serv-U Unauthenticated Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds Serv-U Unauthenticated Arbitrary File Read', 'Description' = %q This module exploits an unauthenticated file read vulnerability, due t...
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem Cisco SSM On-Prem that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 Automated Path Traversal & Local File Read...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995-SolarWinds-Serv-U SolarWinds Serv-U File Serv...
SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately
A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 CVSS score: 8.6, concerns a directory transversal bug that could allow attackers to read sensitive fil...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 PoC and Bulk Scanner Overview This reposit...
Exploit for Path Traversal in Solarwinds Serv-U
Exploit For CVE-2024-28995 On June 5, 2024, SolarWinds publi...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 Nuclei Template Checks for directory traversal...
CVE-2024-28995
creationtimestamp| type| source ---|---|--- 2024-06-14 04:14:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7647 2024-06-14 08:12:01+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7651 2024-06-14 09:48:38+00:00| published-proof-of-concept|...
CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U
On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting their Serv-U file transfer server, which comes in two editions Serv-U FTP and Serv-U MFT. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensiti...
SolarWinds Serv-U < 15.4.2 HF2
The version of SolarWinds Serv-U installed on the remote host is prior to 15.4.2 HF2. It is, therefore, affected by a vulnerability as referenced in the solarwindsserv-u1542hf2 advisory. - SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read...
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine...
CVE-2024-28995
CVE-2024-28995 is a directory traversal vulnerability in SolarWinds Serv-U that allows unauthenticated attackers to read sensitive host files. The flaw affects Serv-U and can be triggered via crafted directory/file paths (e.g., using InternalDir/InternalFile payloads) to access local logs and sys...