Lucene search
K

166 matches found

0day.today
0day.today
added 2018/08/28 12:0 a.m.131 views

WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit

Exploit for php platform in category web applications !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877...

0.1AI score0.7699EPSS
Exploits11
CNVD
CNVD
added 2018/08/27 12:0 a.m.6 views

WordPress Plainview Activity Monitor Plugin OS Command Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Plainview Activity Monitor plugin is used in one of the website user activity monitoring plugin . An operating syst...

9CVSS8.7AI score0.7699EPSS
Exploits11References1
Packet Storm
Packet Storm
added 2018/08/27 12:0 a.m.60 views

WordPress Plainview Activity Monitor 20161228 Command Injection

About: =========== Component: Plainview Activity Monitor Wordpress plugin Vulnerable version: 20161228 and possibly prior Fixed version: 20180826 CVE-ID: CVE-2018-15877 CWE-ID: CWE-78 Author: - LydAcric Lefebvre https://www.linkedin.com/in/lydericlefebvre Timeline: =========== - 2018/08/25:...

0.7699EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.53 views

WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection

!-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 + Usage: Replace 127.0.0.1 & 9999 with you ip...

9CVSS7AI score0.7699EPSS
Exploits11
exploitpack
exploitpack
added 2018/08/27 12:0 a.m.36 views

WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection

WordPress Plugin Plainview Activity Monitor 20161228 - Authenticated Command Injection !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 +...

9CVSS0.2AI score0.7699EPSS
Exploits11
OSV
OSV
added 2018/08/26 7:29 a.m.6 views

CVE-2018-15877

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...

8.8CVSS5.8AI score0.7699EPSS
Exploits11References4
Prion
Prion
added 2018/08/26 7:29 a.m.20 views

Command injection

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...

9CVSS8.9AI score0.7699EPSS
Exploits11References4Affected Software1
NVD
NVD
added 2018/08/26 7:29 a.m.18 views

CVE-2018-15877

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...

9CVSS8.9AI score0.7699EPSS
Exploits11References4
Cvelist
Cvelist
added 2018/08/26 7:0 a.m.34 views

CVE-2018-15877

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...

9AI score0.7699EPSS
Exploits11References4
CVE
CVE
added 2018/08/26 7:0 a.m.149 views

CVE-2018-15877

WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection via the ip parameter in the activities_overview.php flow (and via the wp-admin/admin.php?action path noted in sources). Root cause: unsafe handling of user-supplied data leading to remote command execution. Affected...

9CVSS8.8AI score0.7699EPSS
Exploits11References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/08/26 12:0 a.m.35 views

CVE-2018-15877

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request. Recent assessments: cdelafuente-r7 at November 27, 2019 2:59pm UT...

9CVSS3.4AI score0.7699EPSS
Exploits11References6
Positive Technologies
Positive Technologies
added 2018/08/26 12:0 a.m.9 views

PT-2018-13263 · Plainview · Plainview Activity Monitor

Name of the Vulnerable Software and Affected Versions: Plainview Activity Monitor plugin versions prior to 20180826 Description: The issue allows for OS command injection via shell metacharacters in the ip parameter of a "wp-admin/admin.php?page=plainview activity monitor&tab=activity tools"...

9CVSS8.8AI score0.7699EPSS
Exploits11References8
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/16 10:15 a.m.27 views

Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by: CVE-2014-4263 and CVE-2014-4244

Summary An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact, reported on July 15, 2014. Vulnerability Details CVE-ID: CVE-2014-4263 DESCRIPTION: Unspecified vulnerability in Oracle Java SE 5.0u65,...

4CVSS4.2AI score0.03501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/16 10:15 a.m.40 views

Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by CVE-2014-0221, CVE-2014-0224, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470

Summary Guardium appliance is RHEL 5.8 based and uses OpenSSL from Red Hat for communications between appliances. Vulnerability Details CVE-2014-0224 OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker...

7.4CVSS1.4AI score0.99977EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:5 p.m.15 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a User Enumeration - CLI vulnerability (CVE-2017-1601)

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-1601 DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for...

9.8CVSS1.7AI score0.02497EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:5 p.m.29 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Public disclosed vulnerability from Apache Struts vulnerability (CVE-2017-15707)

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST...

6.2CVSS0.9AI score0.04889EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:5 p.m.22 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Insufficient Authorization Checks vulnerability (CVE-2018-1368 )

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2018-1368 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user with low privileges to view report pages and perform some actions that...

4.4CVSS0.9AI score0.00293EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:4 p.m.27 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by SQL Injection - gimservlet Vulnerability(CVE-2017-1757 )

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1757 DESCRIPTION: IBM Security Identity Governance Virtual Appliance is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL...

8.8CVSS1.4AI score0.01594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:3 p.m.33 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-3641 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: DML component could allow an authenticated attacker to cause a denial of...

4.9CVSS1.7AI score0.03198EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:3 p.m.46 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL (Multiple CVEs)

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3642 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: Optimizer component could allow an authenticated attacker to cause a deni...

6.5CVSS1.6AI score0.02989EPSS
Exploits0Affected Software1
Rows per page
Query Builder