CVE-2023-51410

Unrestricted Upload of File with Dangerous Type vulnerability in WPVibes WP Mail Log.This issue affects WP Mail Log: from n/a through 1.1.2...

CVE-2023-51410

creationtimestamp| type| source ---|---|--- 2023-12-29 15:26:50+00:00| seen| https://t.me/ctinow/160549 2023-12-30 01:41:14+00:00| seen| https://t.me/cibsecurity/73980 2024-01-21 15:16:20+00:00| seen| https://t.me/ctinow/170864...

CVE-2023-51410

CVE-2023-51410 targets the WP Mail Log plugin (WPVibes) for WordPress, described as an Unrestricted/Restricted Upload of a file with a dangerous type vulnerability. Public details show the issue affects WP Mail Log versions up through 1.1.2 and is associated with an authenticated (Contributor+) A...

WordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload

Software WP Mail Log Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-51410 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 12226d2698ab Credits Rafie Muhammad Patchstack Required...

Code execution vulnerability in youdianCMS (CNVD-2021-51410)

YouDianCMS set computer website, mobile website, micro letter, APP, small program in one, share space, data automatic synchronization, is the domestic open source five station one excellent solution. YouDianCMS has a code execution vulnerability that can be exploited by attackers to gain control ...

VDG Security SENSE Information Disclosure Vulnerability (CNVD-2015-00379)

VDG Security SENSE is a video management system VMS from VDG Security in the Netherlands. An information disclosure vulnerability exists in VDG Security SENSE version 2.3.13, which allows an authenticated remote user to obtain username and password hashes by logging on to TCP port 51410 and readi...

CVE-2014-9577

VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...

Default credentials

VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...

CVE-2014-9577

Affected product/variant: VDG Security SENSE (formerly DIVA) version 2.3.13. Vulnerability type: information disclosure via the login process. Root cause / mechanism: the system sends the user database during login, enabling an authenticated remote user to read the response over TCP port 51410. I...

CVE-2014-9577

VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...

Symantec AppStream LaunchObj - ActiveX Control Arbitrary File Download and Execute (Metasploit)

$Id: symantecappstreamunsafe.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute.

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Symantec AppStrea...

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute

This module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability is in the LaunchObj ActiveX control launcher.dll 5.1.0.82 containing the "installAppMgr" method. The insecure method can be exploited to download and execute arbitrary files in the context of the currently...