166 matches found
WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit
Exploit for php platform in category web applications !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877...
WordPress Plainview Activity Monitor Plugin OS Command Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Plainview Activity Monitor plugin is used in one of the website user activity monitoring plugin . An operating syst...
WordPress Plainview Activity Monitor 20161228 Command Injection
About: =========== Component: Plainview Activity Monitor Wordpress plugin Vulnerable version: 20161228 and possibly prior Fixed version: 20180826 CVE-ID: CVE-2018-15877 CWE-ID: CWE-78 Author: - LydAcric Lefebvre https://www.linkedin.com/in/lydericlefebvre Timeline: =========== - 2018/08/25:...
WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
!-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 + Usage: Replace 127.0.0.1 & 9999 with you ip...
WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
WordPress Plugin Plainview Activity Monitor 20161228 - Authenticated Command Injection !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 +...
CVE-2018-15877
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...
Command injection
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...
CVE-2018-15877
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...
CVE-2018-15877
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...
CVE-2018-15877
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection via the ip parameter in the activities_overview.php flow (and via the wp-admin/admin.php?action path noted in sources). Root cause: unsafe handling of user-supplied data leading to remote command execution. Affected...
CVE-2018-15877
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request. Recent assessments: cdelafuente-r7 at November 27, 2019 2:59pm UT...
PT-2018-13263 · Plainview · Plainview Activity Monitor
Name of the Vulnerable Software and Affected Versions: Plainview Activity Monitor plugin versions prior to 20180826 Description: The issue allows for OS command injection via shell metacharacters in the ip parameter of a "wp-admin/admin.php?page=plainview activity monitor&tab=activity tools"...
Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by: CVE-2014-4263 and CVE-2014-4244
Summary An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact, reported on July 15, 2014. Vulnerability Details CVE-ID: CVE-2014-4263 DESCRIPTION: Unspecified vulnerability in Oracle Java SE 5.0u65,...
Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by CVE-2014-0221, CVE-2014-0224, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470
Summary Guardium appliance is RHEL 5.8 based and uses OpenSSL from Red Hat for communications between appliances. Vulnerability Details CVE-2014-0224 OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a User Enumeration - CLI vulnerability (CVE-2017-1601)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-1601 DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Public disclosed vulnerability from Apache Struts vulnerability (CVE-2017-15707)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Insufficient Authorization Checks vulnerability (CVE-2018-1368 )
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2018-1368 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user with low privileges to view report pages and perform some actions that...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by SQL Injection - gimservlet Vulnerability(CVE-2017-1757 )
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1757 DESCRIPTION: IBM Security Identity Governance Virtual Appliance is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-3641 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: DML component could allow an authenticated attacker to cause a denial of...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL (Multiple CVEs)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3642 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: Optimizer component could allow an authenticated attacker to cause a deni...