Lucene search
9816 matches found

htbridge
added 2012/10/24 12:0 a.m. · 57 views

Multiple Vulnerabilities in Smartphone Pentest Framework (SPF)

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Smartphone Pentest Framework SPF web-based GUI, which could be exploited to get control over a pentester's machine. The research was inspired by the vulnerability found by Jon Passki http://osvdb.org/85873. Even if the...

8.3 CVSS · 10.5 AI score · 0.01664 EPSS
Exploits 7 · Affected Software 1

Positive Technologies
added 2012/10/15 12:0 a.m. · 5 views

PT-2025-31695 · NetGear · Netgear Routers

Name of the Vulnerable Software and Affected Versions: Netgear routers versions 1.1.00.24 through 1.1.00.45 Description: An authenticated OS command injection vulnerability exists due to improper input neutralization. This allows for command injection through crafted POST requests to the /setup.c...

9 CVSS · 7.2 AI score · 0.04391 EPSS
Exploits 1 · References 9

Positive Technologies
added 2012/10/15 12:0 a.m. · 5 views

PT-2025-31687

Name of the Vulnerable Software and Affected Versions D-Link DIR-300 version 1.05 D-Link DIR-615 version 4.13 Description An OS command injection vulnerability exists in multiple D-Link routers via the authenticated tools vct.xgi CGI endpoint. The web interface does not properly sanitize...

9 CVSS · 6.2 AI score · 0.09637 EPSS
Exploits 1 · References 11

Metasploit
added 2012/08/21 11:25 a.m. · 12 views

E-Mail Security Virtual Appliance learn-msg.cgi Command Injection

This module exploits a command injection vulnerability found in E-Mail Security Virtual Appliance. This module abuses the learn-msg.cgi file to execute arbitrary OS commands without authentication. This module has been successfully tested on the ESVA2057 appliance. This module requires Metasploit...

0.8 AI score
Exploits 0

Japan Vulnerability Notes
added 2012/08/08 12:0 a.m. · 30 views

JVN#99730704: Sleipnir Mobile for Android vulnerable to arbitrary Java method execution

Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability. Impact When opening a specially crafted website, an attacker may be able to execute an arbitrary Java method. As a result, information stored in...

6.8 CVSS · 6.8 AI score · 0.02031 EPSS
Exploits 0

securityvulns
added 2012/07/09 12:0 a.m. · 41 views

NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection

High Risk Vulnerability in Nagios XI Network Monitor 2 July 2012 Daniel Compton of NCC Group has discovered a High risk vulnerability in Nagios XI Network Monitor Impact: Nagios XI Network Monitor OS Command Injection Versions affected: Nagios XI Network Monitor 2011R1.9 An updated version of the...

0.1 AI score
Exploits 0

0day.today
added 2012/06/27 12:0 a.m. · 73 views

Symantec Web Gateway 5.0.2.8 Multiple Vulnerabilities

Exploit for linux platform in category web applications Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include:...

7.1 AI score · 0.72596 EPSS
Exploits 22

Packet Storm
added 2012/06/27 12:0 a.m. · 58 views

Symantec Web Gateway 5.0.28 LFI / Code Execution

Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include: https://192.168.82.207/spywall/previewProxyError.php?err=../../../../../../../../etc/passwd File include and OS command...

10 CVSS · 6.4 AI score · 0.72596 EPSS
Exploits 22

exploitpack
added 2012/04/09 12:0 a.m. · 12 views

Dolibarr ERPCRM 3.2.0 3.1.1 - OS Command Injection

Dolibarr ERPCRM 3.2.0 3.1.1 - OS Command Injection Dolibarr ERP & CRM OS Command Injection =================================== 1. Advisory Information Date published: 2012-4-6 Vendors contacted: Dolibarr Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely...

0.3 AI score
Exploits 0

Metasploit
added 2012/04/08 6:20 p.m. · 21 views

Dolibarr ERP/CRM Post-Auth OS Command Injection

This module exploits a vulnerability found in Dolibarr ERP/CRM 3's backup feature. This software is used to manage a company's business information such as contacts, invoices, orders, stocks, agenda, etc. When processing a database backup request, the export.php function does not check the input...

1 AI score
Exploits 0

Packet Storm
added 2012/04/07 12:0 a.m. · 15 views

Dolibarr ERP / CRM OS Command Injection

Dolibarr ERP & CRM OS Command Injection =================================== 1. Advisory Information Date published: 2012-4-6 Vendors contacted: Dolibarr Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely Exploitable: Yes Locally Exploitable: Yes 3. Software...

0.3 AI score
Exploits 0

securityvulns
added 2012/03/26 12:0 a.m. · 79 views

Cyberoam Unified Threat Management: OS Command Execution

Hi, Please find below the details of a vulnerability I discovered in Cyberoam UTM device. The Vendor was notified, however I did not receive any response from Vendor despite repeated email reminders. SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 bui...

0.2 AI score
Exploits 0

exploitpack
added 2012/03/22 12:0 a.m. · 27 views

Cyberoam UTM - Multiple Vulnerabilities

Cyberoam UTM - Multiple Vulnerabilities SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured...

0.4 AI score
Exploits 0

0day.today
added 2012/03/22 12:0 a.m. · 30 views

Cyberoam UTM Multiple Vulnerabilities

Exploit for hardware platform in category web applications Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and...

7.1 AI score
Exploits 0

Exploit DB
added 2012/03/22 12:0 a.m. · 43 views

Cyberoam UTM - Multiple Vulnerabilities

SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to...

7.4 AI score
Exploits 0

Packet Storm
added 2012/03/21 12:0 a.m. · 36 views

Cyberoam UTM Command Execution

SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to...

7.4 AI score
Exploits 0

securityvulns
added 2012/03/20 12:0 a.m. · 102 views

Aruba Networks multiple advisories: OS command injection in RAP web interface and 802.1X EAP-TLS user authentication bypass

ADVISORY NUMBER 031912 Advisory 1: TITLE OS Command Injection Vulnerability in Aruba Remote Access Point Diagnostic Web Interface. SUMMARY An OS command injection vulnerability has been discovered in the Aruba Remote Access Point's Diagnostic Web...

0.8 AI score
Exploits 0

OpenVAS
added 2012/03/16 12:0 a.m. · 33 views

VMware ESXi/ESX patches resolve multiple security issues (VMSA-2010-0018)

The remote ESXi is missing one or more security related Updates from VMSA-2010-0018. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3 CVSS · 5.2 AI score · 0.05844 EPSS
Exploits 4 · References 1

OpenVAS
added 2012/03/12 12:0 a.m. · 28 views

Debian Security Advisory DSA 2423-1 (movabletype-opensource)

The remote host is missing an update to movabletype-opensource announced via advisory DSA 2423-1. OpenVAS Vulnerability Test $Id: deb24231.nasl 8970 2018-02-27 15:16:18Z cfischer $ Description: Auto-generated from advisory DSA 2423-1 movabletype-opensource Authors: Thomas Reinke Copyright:...

7.5 CVSS · 0.5 AI score · 0.02707 EPSS
Exploits 2

NVD
added 2012/03/03 4:4 a.m. · 21 views

CVE-2012-0319

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue...

6.5 CVSS · 7.2 AI score · 0.02449 EPSS
Exploits 0 · References 7