Dell Storage Manager EmWebsiteServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Dell Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doGet method of the EmWebsiteServlet class, which listens on TCP port...

Trend Micro Control Manager cmdHandlerFileHandling Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within cmdHandlerFileHandling.dll. The issue results from the lack of proper...

Trend Micro Deep Discovery Email Inspector kdump_setting Denial of Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within kdumpsetting.php. The issue results from the lack of proper...

Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Cisco Prime Collaboration Provisioning. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logconfigtracer.jsp page, which listens on TCP port 443 by...

Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Cisco Prime Collaboration Provisioning. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logconfigtracer.jsp page, which listens on TCP port...

Novell ZENworks Reporting Appliance Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of Novell ZENworks Reporting Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FCExporter servlet. The process does not properly validate a...

EMC Data Protection Advisor ImageServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ImageServlet servlet which listens on TCP ports 9002 and 9004...

Hewlett Packard Enterprise Cloud Optimizer DownloadServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Cloud Optimizer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadServlet servlet. The issue results from...

Hewlett Packard Enterprise Network Automation TrueControl Management Engine Service FileServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Network Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileServlet servlet. The issue results from...

CVE-2017-8307

In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also...

Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Fusion Middleware MapViewer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploaderServlet servlet. When parsing the fileName paramete...

WMI Based Agentless Post-Exploitation PowerShell RAT: WMImplant

WMImplant is a PowerShell based tool that leverages WMI to both perform actions against targeted machines, but also as the C2 channel for issuing commands and receiving results. WMImplant will likely require local administrator permissions on the targeted machine. It is designed to run both...

Introducing Monitor.app for macOS

UPDATE 2 Oct. 24, 2018: Monitor.app now supports macOS 10.14. UPDATE April 4, 2018: Monitor.app now supports macOS 10.13. As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware...

Hewlett Packard Enterprise Intelligent Management Center Service Operation Manager Module FileDownloadServlet filePath Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within Service Operation Manager Module's...

Trend Micro InterScan Web Security Virtual Appliance LogDelete processRequest method Directory Traversal Denial of Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the LogDelete processRequest method. The issue result...

Trend Micro InterScan Web Security Virtual Appliance VerboseLog Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within processing of the VerboseLog servlet. The iss...

Hewlett Packard Enterprise Intelligent Management Center CommonUtils Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet fileName Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The...

Trend Micro Deep Discovery Email Inspector write_new_html_with_svg Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within writenewhtmlwithsvg.php. The issue results from the lack of...

INTELLITAMPER . map code execution vulnerability, CVE-2008-5755-a vulnerability warning-the black bar safety net

Author: k0shl reprint please indicate the source: http://whereisk0shl.top Vulnerability description Software download: https://www.exploit-db.com/apps/91891f4b53d5e61e66061454ab87ccc7-intellitamperv2.07.exe PoC: import sys maptheader = "\x23\x23\x23\x20\x53\x49\x54\x45\x4D"...