CVE-2017-5879

An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as selectloadfile. The vulnerability...

CVE-2017-5879

An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as selectloadfile. The vulnerability...

CVE-2017-5879

An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as selectloadfile. The vulnerability...

CVE-2016-8977

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system...

CVE-2016-8977

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system...

Information disclosure

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system...

CVE-2016-8977

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system...

DiskSavvy Enterprise 9.1.14 / 9.3.14 GET Buffer Overflow Exploit

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise versions 9.1.14 and 9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested...

DiskSavvy Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise v9.1.14 and v9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP...

Openexpert 0.5.17 - SQL Injection Vulnerability

Exploit for php platform in category web applications Title : Openexpert 0.5.17 - Sql Injection Author: Nassim Asrir Author Company: Henceforth Tested on: Winxp sp3 - win7 Vendor: https://sourceforge.net/projects/law-expert/ Download Software: https://sourceforge.net/projects/law-expert/files/...

DiskBoss Enterprise - GET Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'DiskBoss Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability i...

DiskBoss Enterprise GET Buffer Overflow Exploit

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12 and v7.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested...

DiskBoss Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12, v7.4.28, and v8.2.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on...

Apache Tika Detection (HTTP)

HTTP based detection of Apache Tika. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.810251";...

Buffer overflow

Buffer overflow in sendredirect in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters...

CVE-2016-9564

Boa Webserver 0.92r contains a buffer overflow in the send_redirect() function that can be triggered by a crafted HTTP GET request with a long URI composed only of '/' and '.' characters, leading to a denial-of-service condition. Multiple sources (NVD, CNVD, CVE records, and vendor write-ups) cor...

CVE-2016-9564

Buffer overflow in sendredirect in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters...

Novell Open Enterprise Server Remote Version Detection

Detection of installed version of Novell Open Enterprise Server. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...

Moxa SoftCMS 1.5 - Denial of Service (PoC) Exploit

Exploit for windows platform in category dos / poc ''' Title: Moxa SoftCMS 1.5 AspWebServer Denial of Service Vulnerability Author: Zhou Yu Email: email protected Vendor: http://www.moxa.com/ Versions affected: 1.5 or prior versions Test on: Moxa SoftCMS 1.5 on Windows 7 SP1 x32 CVE: CVE-2016-933...

NBOX Detection (HTTP)

Detects the installed version of NBOX. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...