97 matches found
Laravel Ignition Remote Code Execution (CVE-2021-3129)
A remote code execution vulnerability exists in Laravel Ignition. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Exploit for CVE-2021-3129
CVE-2021-3129exploit Exploit for CVE-2021-3129 Lab setup:...
Exploit for CVE-2021-3129
CVE-2021-3129exploit Exploit for CVE-2021-3129 Lab setup:...
Exploit for CVE-2021-3129
laravel-CVE-2021-3129-EXP CVE-2021-3129: One-click g...
Exploit for CVE-2021-3129
laravel-exploits Exploit for CVE-2021-3129 Details: https://ww...
CVE-2021-3129
creationtimestamp| type| source ---|---|--- 2021-01-12 18:52:35+00:00| seen| https://t.me/cibsecurity/21947 2021-01-23 14:27:59+00:00| published-proof-of-concept| Telegram/V0JRptGFrgnQJ2SXhKrSjD8wR0dUer2UmfcxEmcwlwjBg 2021-01-24 14:36:01+00:00| seen| https://t.me/CyberSecurityTechnologies/2562...
CVE-2021-3129
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2...
CVE-2021-3129
CVE-2021-3129 affects Laravel Ignition (and Laravel < 8.4.2) where insecure use of file_get_contents()/file_put_contents in debug mode allows unauthenticated RCE. Exploitable versions: Laravel Ignition < 2.5.2 and Laravel
CVE-2021-3129
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2. Recent assessments: ccondon-r7...
CVE-2020-3129
CVE-2020-3129 describes a stored cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco Unity Connection Software. The issue arises from insufficient input validation in the interface, allowing an authenticated, remote attacker to supply crafted data that can be s...
CVE-2018-3129
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2018-3129
The CVE-2018-3129 entry concerns Oracle PeopleSoft Enterprise PeopleTools Portal (PeopleTools component). Affected products/versions are PeopleSoft Portal, versions 8.55, 8.56 and 8.57. The vulnerability allows an unauthenticated, network-accessible attacker to exploit over HTTP, with user intera...
CVE-2018-3129
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
WordPress < 3.1.3 Multiple Vulnerabilities
According to its self-reported version number, the WordPress application running on the remote web server is prior to 3.1.3. It is, therefore, affected by multiple unspecified vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...
CVE-2017-3129
CVE-2017-3129 is an XSS vulnerability in Fortinet FortiWeb (Site Publisher) affecting FortiWeb versions 5.7.1 and earlier. It allows an attacker to execute unauthorized code or commands via an improperly sanitized POST parameter. Public references indicate advisories (e.g., FG-IR-17-076) and mult...
CVE-2017-3129
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature...
CVE-2016-3129
The CVE-2016-3129 entry describes a remote code execution vulnerability in BlackBerry Good Enterprise Mobility Server (GEMS) via the Apache Karaf command shell. Affected versions are 2.1.5.3 through 2.2.22.25. An attacker can execute commands to gain local administrator rights on the GEMS server....
Ubuntu: Security Advisory (USN-3129-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-4430
Technical details about CVE-2015-4430 are not publicly provided in the supplied connected documents. The CIRCL/Nessus entries reference related CVEs but do not disclose affected products, root cause, or remediation for this specific ID. Monitor for updates.
CVE-2015-3129
Technical details about CVE-2015-3129 are not provided in the supplied documents; no affected products, vulnerable components, impact, or remediation are disclosed. Monitor for official updates.