3489 matches found
CVE-2015-7676
Ipswitch MOVEit File Transfer (formerly DMZ) 8.1 and earlier, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading HTML files...
CVE-2015-7676
CVE-2015-7676 affects Ipswitch MOVEit File Transfer (DMZ) 8.1 and earlier when configured to support file view on download. The root cause is insecure default configuration that allows uploading HTML files, enabling remote authenticated users to perform cross-site scripting (XSS) attacks. Impact ...
Thru Managed File Transfer Portal SQL Injection Vulnerability
Thru Managed File Transfer Portal is a web-based file transfer application. A SQL injection vulnerability exists in Thru Managed File Transfer Portal version 9.0.2. The program fails to filter the values of the sortorder and letterrange attributes, allowing an attacker to inject arbitrary SQL...
Reverse Shell Post Exploitation Tool: RSPET
RSPET (Reverse Shell Post Exploitation Tool) is a Python-based reverse shell equipped with functionalities that assist in a post-exploitation scenario. Features: Remote Command Execution; Traffic masking (XORed instead of cleartext; for better results use port 443); Built-in File/Binary transfer (both ways)...
Pro-face GP-Pro EX Authentication Bypass Vulnerability
Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. The Pro-face GP-Pro EX has a security vulnerability due to the use of hard-coded certificates by the FTP server. A remote attacker could exploit the vulnerability to access items in the device...
The vulnerability of the Cisco IOS operating system, which allows an intruder to trigger a service failure
The vulnerability of SCP and SFTP modules in the Cisco IOS operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions...
WiFi File Transfer - GPL license, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application WiFi File Transfer published at the 'play' market has multiple vulnerabilities...
File Transfer - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application File Transfer published at the 'play' market has multiple vulnerabilities...
Send Anywhere (File Transfer) - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Send Anywhere File Transfer published at the 'play' market has multiple vulnerabilities...
Bluetooth File Transfer - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Bluetooth File Transfer published at the 'play' market has multiple vulnerabilities...
Cisco NCS6000 IOS XR Software Secure Copy Protocol and Secure FTP Denial of Service Vulnerabilities
Cisco IOS XR for Cisco NCS6000 is a network operating system from Cisco that runs in the NCS 6000 series routers. A security vulnerability exists in the SCP and SFTP modules in Cisco IOS XR Software versions 5.0.0 through 5.2.5 for Cisco NCS 6000 due to the program failing to properly set...
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities
Exploit Title: Multiple persistent XSS in ProjectSend; Discovery Date: 2016/02/19; Public Disclosure Date: 2016/03/17; Exploit Author: Michael Helwig; Contact: https://twitter.com/c0dmtr1x; Project Homepage: http://www.projectsend.org/...
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities
Exploit Title: Multiple persistent XSS in ProjectSend; Discovery Date: 2016/02/19; Public Disclosure Date: 2016/03/17; Exploit Author: Michael Helwig; Contact: https://twitter.com/c0dmtr1x; Project Homepage: http://www.projectsend.org/; Software Link: http://www.projectsend.org/download/108/; Version:...
The vulnerability of the Signage Station presentation preparation program and the iArtist Lite presentation preparation utility, which allows an intruder to access protected information
The vulnerability of the Signage Station presentation preparation service and the iArtist Lite presentation preparation utility exists due to hard-coded credentials. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected informatio...
QNAP Systems iArtist Lite Hardcoding Vulnerability
QNAP Systems iArtist Lite is a suite of ad editing software for QNAP NAS. QNAP Systems iArtist Lite uses hard-coded FTP accounts and passwords, allowing remote attackers to sniff the network for FTP transfer data...
Ipswitch MOVEit DMZ MOVEitISAPI Information Disclosure Vulnerability
Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. A security vulnerability exists in the MOVEitISAPI service of Ipswitch MOVEit DMZ due to the sending of different error messages based on the presence or absence of a FileID. A remote...
Thru Managed File Transfer Portal 9.0.2 - SQL Injection
Exploit for asp platform in category web applications. Product: Thru Managed File Transfer Portal; Manufacturer: Thru; Affected Versions: 9.0.2; Tested Versions: 9.0.2; Vulnerability Type: SQL Injection (CWE-89); Risk Level: High; Solution Status: Open; Manufacturer Notification: 2015-10-28; Solution Date:...
Thru Managed File Transfer Portal 9.0.2 Insecure Direct Object Reference
Advisory ID: SYSS-2015-064; Product: Thru Managed File Transfer Portal; Manufacturer: Thru; Affected Versions: 9.0.2; Tested Versions: 9.0.2; Vulnerability Type: Insecure Direct Object Reference (CWE-932); Risk Level: Medium; Solution Status: Fixed...
Thru Managed File Transfer Portal 9.0.2 - SQL Injection
Advisory ID: SYSS-2015-056; Product: Thru Managed File Transfer Portal; Manufacturer: Thru; Affected Versions: 9.0.2; Tested Versions: 9.0.2; Vulnerability Type: SQL Injection (CWE-89); Risk Level: Hig...
Thru Managed File Transfer Portal 9.0.2 Insecure Direct Object Reference
Advisory ID: SYSS-2015-059; Product: Thru Managed File Transfer Portal; Manufacturer: Thru; Affected Versions: 9.0.2; Tested Versions: 9.0.2; Vulnerability Type: Insecure Direct Object Reference (CWE-932); Risk Level: Medium; Solution Status: Fixed...