Lucene search
+L

97 matches found

Check Point Advisories
Check Point Advisories
added 2021/02/01 12:0 a.m.67 views

Laravel Ignition Remote Code Execution (CVE-2021-3129)

A remote code execution vulnerability exists in Laravel Ignition. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.9AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2021/01/27 10:16 a.m.8 views

Exploit for CVE-2021-3129

CVE-2021-3129exploit Exploit for CVE-2021-3129 Lab setup:...

9.8CVSS9.8AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2021/01/27 10:16 a.m.230 views

Exploit for CVE-2021-3129

CVE-2021-3129exploit Exploit for CVE-2021-3129 Lab setup:...

9.8CVSS9.8AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2021/01/25 8:42 a.m.305 views

Exploit for CVE-2021-3129

laravel-CVE-2021-3129-EXP CVE-2021-3129: One-click g...

9.8CVSS7.2AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2021/01/13 12:52 p.m.215 views

Exploit for CVE-2021-3129

laravel-exploits Exploit for CVE-2021-3129 Details: https://ww...

9.8CVSS9.8AI score0.99943EPSS
Exploits36
Circl
Circl
added 2021/01/12 6:52 p.m.9 views

CVE-2021-3129

creationtimestamp| type| source ---|---|--- 2021-01-12 18:52:35+00:00| seen| https://t.me/cibsecurity/21947 2021-01-23 14:27:59+00:00| published-proof-of-concept| Telegram/V0JRptGFrgnQJ2SXhKrSjD8wR0dUer2UmfcxEmcwlwjBg 2021-01-24 14:36:01+00:00| seen| https://t.me/CyberSecurityTechnologies/2562...

9.8CVSS7.9AI score0.99943EPSS
In wildExploits36References41
Vulnrichment
Vulnrichment
added 2021/01/12 2:7 p.m.8 views

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2...

10AI score0.99943EPSS
Exploits36References4
CVE
CVE
added 2021/01/12 2:7 p.m.1066 views

CVE-2021-3129

CVE-2021-3129 affects Laravel Ignition (and Laravel < 8.4.2) where insecure use of file_get_contents()/file_put_contents in debug mode allows unauthenticated RCE. Exploitable versions: Laravel Ignition < 2.5.2 and Laravel

9.8CVSS9.7AI score0.99943EPSS
In wildExploits36References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/01/12 12:0 a.m.128 views

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2. Recent assessments: ccondon-r7...

9.8CVSS9.9AI score0.99943EPSS
In wildExploits36References5
CVE
CVE
added 2020/01/26 4:31 a.m.149 views

CVE-2020-3129

CVE-2020-3129 describes a stored cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco Unity Connection Software. The issue arises from insufficient input validation in the interface, allowing an authenticated, remote attacker to supply crafted data that can be s...

4.8CVSS4.8AI score0.00622EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/10/17 1:0 a.m.21 views

CVE-2018-3129

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

3.7AI score0.01768EPSS
Exploits0References3
CVE
CVE
added 2018/10/17 1:0 a.m.45 views

CVE-2018-3129

The CVE-2018-3129 entry concerns Oracle PeopleSoft Enterprise PeopleTools Portal (PeopleTools component). Affected products/versions are PeopleSoft Portal, versions 8.55, 8.56 and 8.57. The vulnerability allows an unauthenticated, network-accessible attacker to exploit over HTTP, with user intera...

4.3CVSS3.5AI score0.01768EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/10/17 1:0 a.m.8 views

CVE-2018-3129

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

5.1AI score0.01768EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/26 12:0 a.m.36 views

WordPress < 3.1.3 Multiple Vulnerabilities

According to its self-reported version number, the WordPress application running on the remote web server is prior to 3.1.3. It is, therefore, affected by multiple unspecified vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...

10CVSS5.5AI score0.02573EPSS
Exploits0References9
CVE
CVE
added 2017/05/26 10:0 p.m.50 views

CVE-2017-3129

CVE-2017-3129 is an XSS vulnerability in Fortinet FortiWeb (Site Publisher) affecting FortiWeb versions 5.7.1 and earlier. It allows an attacker to execute unauthorized code or commands via an improperly sanitized POST parameter. Public references indicate advisories (e.g., FG-IR-17-076) and mult...

6.1CVSS6.2AI score0.00713EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/05/26 10:0 p.m.21 views

CVE-2017-3129

A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature...

6.2AI score0.00713EPSS
Exploits0References2
CVE
CVE
added 2016/12/16 9:2 a.m.43 views

CVE-2016-3129

The CVE-2016-3129 entry describes a remote code execution vulnerability in BlackBerry Good Enterprise Mobility Server (GEMS) via the Apache Karaf command shell. Affected versions are 2.1.5.3 through 2.2.22.25. An attacker can execute commands to gain local administrator rights on the GEMS server....

8.5CVSS6.6AI score0.02895EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2016/12/05 12:0 a.m.57 views

Ubuntu: Security Advisory (USN-3129-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS7.4AI score0.00395EPSS
Exploits0References2
CVE
CVE
added 2015/07/09 4:0 p.m.84 views

CVE-2015-4430

Technical details about CVE-2015-4430 are not publicly provided in the supplied connected documents. The CIRCL/Nessus entries reference related CVEs but do not disclose affected products, root cause, or remediation for this specific ID. Monitor for updates.

10CVSS7.5AI score0.32792EPSS
Exploits0References7Affected Software3
CVE
CVE
added 2015/07/09 4:0 p.m.88 views

CVE-2015-3129

Technical details about CVE-2015-3129 are not provided in the supplied documents; no affected products, vulnerable components, impact, or remediation are disclosed. Monitor for official updates.

10CVSS7.5AI score0.06744EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder