
431 matches found

Cvelist
added 2021/03/18 7:43 p.m., 21 views

CVE-2021-27358

The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set...

AI score 7.7, EPSS 0.92396
Exploits 0, References 4
Prion
added 2021/01/20 8:15 p.m., 27 views

Command injection

A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...

CVSS 9, AI score 9.1, EPSS 0.00782
Exploits 0, References 1, Affected Software 1
Cvelist
added 2021/01/20 7:57 p.m., 17 views

CVE-2021-1264 Cisco DNA Center Command Runner Command Injection Vulnerability

A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...

CVSS 9.6, AI score 9.9, EPSS 0.00782
Exploits 0, References 1
Cisco
added 2021/01/20 4:00 p.m., 67 views

Cisco DNA Center Command Runner Command Injection Vulnerability

A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...

CVSS 9.6, AI score 9.2, EPSS 0.00782
Exploits 0, References 1
NVD
added 2020/11/24 4:15 p.m., 15 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

CVSS 6.5, AI score 6.6, EPSS 0.16628
Exploits 0, References 1
Prion
added 2020/11/24 4:15 p.m., 20 views

SQL injection

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

CVSS 4, AI score 7.2, EPSS 0.16628
Exploits 0, References 1, Affected Software 1
Cvelist
added 2020/11/24 3:34 p.m., 23 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

AI score 6.6, EPSS 0.16628
Exploits 0, References 1
OSV
added 2020/11/19 4:15 p.m., 1 view

CVE-2020-9049

A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid...

CVSS 5.3, AI score 6.2, EPSS 0.00061
Exploits 0, References 2
OSV
added 2020/11/02 9:15 p.m., 27 views

CVE-2020-8183

A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call...

CVSS 7.5, AI score 6.8
Exploits 0, References 2
NVD
added 2020/11/02 9:15 p.m., 17 views

CVE-2020-8183

A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call...

CVSS 7.5, AI score 7.5, EPSS 0.00399
Exploits 1, References 2
Prion
added 2020/11/02 9:15 p.m., 18 views

Design/Logic Flaw

A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call...

CVSS 5, AI score 7.5, EPSS 0.00399
Exploits 1, References 2, Affected Software 1
Exploit DB
added 2020/10/05 12:00 a.m., 747 views

MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection

Exploit Title: MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection Google Dork: inurl:human.aspx intext:moveit Date: 2020-10-05 Exploit Author: Aviv Beniash Vendor Homepage: https://www.ipswitch.com/ Version: MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before...

CVSS 9.4, AI score 0.7, EPSS 0.01091
Exploits 4
Prion
added 2020/06/15 8:15 p.m., 12 views

Code injection

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior, Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

CVSS 5.5, AI score 8.5, EPSS 0.00087
Exploits 0, References 1, Affected Software 2
CVE
added 2020/06/15 7:16 p.m., 67 views

CVE-2020-12003

CVE-2020-12003 affects Rockwell Automation products including FactoryTalk Linx (v6.00, 6.10, 6.11), RSLinx Classic (v4.11.00 and prior), Connected Components Workbench (v12 and prior), ControlFLASH (v14+), ControlFLASH Plus (v1+), FactoryTalk Asset Centre (v9+), FactoryTalk Linx CommDTM (v1+), St...

CVSS 7.5, AI score 7.2, EPSS 0.00117
Exploits 0, References 1, Affected Software 2
Tenable Nessus
added 2020/06/05 12:00 a.m., 64 views

Cisco IOx for IOS XE Software Privilege Escalation (cisco-sa-ioxPE-KgGvCAf9)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure due to incorrect handling of requests for authorization tokens. An unauthenticated, remote attacker can exploit this, by...

CVSS 10, AI score 8.7, EPSS 0.06362
Exploits 0, References 5
FreeBSD
added 2020/06/04 12:00 a.m., 25 views

Nextcloud -- Password share by mail not hashed

The Nextcloud project reports: NC-SA-2020-026 low: Password of share by mail is not hashed when given on the create share call A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call...

CVSS 7.5, AI score 1.2, EPSS 0.00399
Exploits 1, References 1
NVD
added 2020/05/22 9:15 p.m., 9 views

CVE-2020-13412

An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF...

CVSS 8.8, AI score 8.7, EPSS 0.0013
Exploits 0, References 1
0day.today
added 2020/04/13 12:00 a.m., 36 views

MOVEit Transfer 11.1.1 - (token) Unauthenticated SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection Google Dork: inurl:human.aspx intext:moveit Exploit Authors: Aviv Beniash, Noam Moshe Vendor Homepage: https://www.ipswitch.com/ Version: MOVEit Transfer 2018 SP2...

AI score 0.2, EPSS 0.01091
Exploits 4
Exploit DB
added 2020/04/13 12:00 a.m., 176 views

MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection

Exploit Title: MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection Google Dork: inurl:human.aspx intext:moveit Date: 2020-04-12 Exploit Authors: Aviv Beniash, Noam Moshe Vendor Homepage: https://www.ipswitch.com/ Version: MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and...

CVSS 9.4, AI score 7, EPSS 0.01091
Exploits 4
Hacker One
added 2020/02/27 12:01 p.m., 29 views

Endless Group: Enumeration of username on password reset page

Summary: Reset password page api call, can be used to enumerate usernames based on the error message Steps To Reproduce: add details for how we can reproduce the issue 1. Go to password reset page 2. Enter username and click submit 3. Check email for password reset code, open the url in any brows...

AI score 7
Exploits 0