170 matches found
Belkin Wemo-Enabled Crock-Pot Remote Control
This module acts as a simple remote control for Belkin Wemo-enabled Crock-Pots by implementing a subset of the functionality provided by the Wemo App. No vulnerabilities are exploited by this Metasploit module in any way. This module requires Metasploit: https://metasploit.com/download Current...
Cisco Registered Envelope Service Cross-Site Scripting Vulnerability (CNVD-2018-16180)
Cisco Registered Envelope Service is a set of mail service solutions from Cisco USA. The product includes read receipts for mail, mail recycling, mail forwarding and reply functions, and provides smartphone support. A cross-site scripting vulnerability exists in the web-based management interface...
CVE-2018-0367
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
CVE-2018-0367
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
CVE-2018-0367
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
CVE-2018-0367
The CVE-2018-0367 issue affects the Cisco Registered Envelope Service web-based management interface. Affected component: web-based management interface; vulnerability arises from insufficient validation of user-supplied input, enabling an authenticated, remote attacker to perform cross-site scri...
CVE-2018-0367
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of the cloud based Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is...
CVE-2018-0208
A vulnerability in the web-based management interface of the cloud based Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is...
CVE-2018-0208
A vulnerability in the web-based management interface of the cloud based Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is...
CVE-2018-0208
CVE-2018-0208 affects Cisco Registered Envelope Service (cloud based) web-based management interface. The issue is insufficient validation of user-supplied input, enabling an authenticated, remote attacker to perform cross-site scripting (XSS) against a user of the interface. Exploitation require...
Cisco Registered Envelope Service Cross-Site Scripting Vulnerability (CNVD-2018-06453)
Cisco Registered Envelope Service cloud based is a cloud-based version of a suite of mail service solutions from the American company Cisco Cisco. The product includes mail read receipts, mail recycling, mail forwarding and reply functions, and provides smartphone support. A cross-site scripting...
Cisco Registered Envelope Service Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...
CCN-lite memory leak vulnerability (CNVD-2018-03676)
CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. A memory leak vulnerability exists in the ccnlappRX function in ccnl-uapi.c in versions of CCN-lite prior to 2.0.0. An attacker could cause a denial of service memory consumption by...
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic wls-wsat Component Deserialization RCE', 'Description' = %q The Oracle WebLogic WLS WSAT Component is vulnerable to a XML...
Oracle WebLogic wls-wsat Component Deserialization RCE
The Oracle WebLogic WLS WSAT Component is vulnerable to a XML Deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Discovered by Alexey Tyurin of ERPScan and Federico Dotta of Media Service. Please note th...
Cisco Registered Envelope Service Cross-Site Scripting Vulnerability (CNVD-2017-34809)
Cisco Registered Envelope Service is a set of mail service solutions from Cisco USA. The product includes read receipts for mail, mail recycling, mail forwarding and reply functions, and provides smartphone support. A cross-site scripting vulnerability exists in Cisco Registered Envelope Service,...
Cisco Registered Envelope Service Cross-Site Scripting Vulnerability (CNVD-2017-34810)
Cisco Registered Envelope Service is a set of mail service solutions from Cisco USA. The product includes read receipts for mail, mail recycling, mail forwarding and reply functions, and provides smartphone support. A cross-site scripting vulnerability exists in the web interface in Cisco...