166 matches found
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by an SNMPD vulnerability
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2002-0013 DESCRIPTION: Many vendor implementations of the Simple Network Management Protocol SNMP have multiple remote vulnerabilities caused by the improper handlin...
WordPress Plainview Activity Monitor 20161228 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plainview Activity Monitor 20161228 Remote Code Execution
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
Binary Vulnerability in Kermel Computer Activity Monitor
Kermel Computer Activity Monitor is a software that tracks all Internet activity, including browsing history, pages visited, access times and usernames. Features include monitoring an unlimited number of computers at the same time, performing stealth monitoring in a completely hidden manner, taki...
UPDATE: Sysdig Falco v0.18.0
Sysdig Falco v0.18.0 was released a while ago which I detected when I was using this tool and hence this blog. It has been some time since I last blogged about this open source behavorial activity monitor which has container support and a lot has changed in this version as well. What is Sysdig...
WordPress Plainview Activity Monitor Remote Command Execution Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up a personal blog site.Plainview Activity Monitor is used in one of the website user activity monitoring plugin. A remote command...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution Exploit
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plainview Activity Monitor RCE', 'Description' = %q Plainview Activity Monitor Wordpress plugin is vulnerable to OS command injection...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by OS Command Injection vulnerability (CVE-2016-0236)
Summary IBM Security Guardium Database Activity Monitor could allow an authenticated attacker to injection commands into the search field that will be executed as root. Vulnerability Details CVEID: CVE-2016-0236 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow an...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Execution with Unnecessary Privileges vulnerability (CVE-2016-0328)
Summary IBM Security Guardium Database Activity Monitor could allow a local user to injection commands that would be executed with administrator privileges. Vulnerability Details CVEID: CVE-2016-0328 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user to injectio...
Wordpress Plainview Activity Monitor RCE
Plainview Activity Monitor Wordpress plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit this...
WordPress Plainview Activity Monitor Plugin Command Injection (CVE-2018-15877)
A command injection vulnerability exists in WordPress Plainview Activity Monitor plugin. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary OS commands in the affected system...
UPDATE: Sysdig Falco v0.15.0
PenTestIT RSS Feed Three days ago, an updated version – Sysdig Falco v0.15.0 – was released. It has been some time since I last blogged about this open source behavorial activity monitor which has container support. This release incorporates a lot of rule updates that are now also tagged the for...
UPDATE: Sysdig Falco v0.14.0
PenTestIT RSS Feed Recently, an updated version - Sysdig Falco v0.14.0 - was released. It has been some time since I last blogged about this open source behavorial activity monitor which has container support. What is Sysdig Falco? Sysdig Falco is an open source, behavioral activity monitor...
Default credentials
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610...
CVE-2017-1597
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610...
CVE-2017-1597
CVE-2017-1597 affects IBM Security Guardium Database Activity Monitor versions 10.0–10.5. The root cause is a default weak password policy (no requirement for strong passwords), which can enable account compromise. Official advisories estimate CVSSv3 base score 7.5 (High) with impact on confident...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Weak Passsword Policy vulnerability
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1597 DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for...
WordPress Plainview Activity Monitor plugin <= 20161228 - Remote Command Execution (RCE) vulnerability
Remote Command Execution RCE vulnerability found by "aas" in WordPress Plainview Activity Monitor plugin versions = 20161228. Solution Update the WordPress Plainview Activity Monitor plugin to the latest available version at least 20180826...