239 matches found
PowerPanel Business Edition 3.4.0 Cross Site Request Forgery
Exploit Title: PowerPanel Business Edition 3.4.0 - Cross Site Request Forgery Date: 7/9/2019 Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Version: 3.4.0 Tested on: Ubuntu 16.04 CVE : CVE-2019-13071 Reported to vendor on 5/25/2019, no acknowledgement. The Agent/Cent...
CVE-2019-13070
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agent/actionrecipient Event Action/Recipient page, the embedded code will be...
CVE-2019-13070
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agent/actionrecipient Event Action/Recipient page, the embedded code will be...
Cross site scripting
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agent/actionrecipient Event Action/Recipient page, the embedded code will be...
CVE-2019-13070
CVE-2019-13070 is a stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0. The issue allows a privileged attacker to embed malicious JavaScript via the SNMP trap receivers form; when a user visits the /agent/action_recipient Event Action/Recipient ...
CVE-2019-13070
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agent/actionrecipient Event Action/Recipient page, the embedded code will be...
PowerPanel Business Edition - Cross-Site Scripting Vulnerability
Exploit for linux platform in category web applications Exploit Title: PowerPanel Business Edition - Stored Cross Site Scripting SNMP trap receivers Google Dork: None Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Software Link:...
PowerPanel Business Edition 3.4.0 Cross Site Scripting
Exploit Title: PowerPanel Business Edition - Stored Cross Site Scripting SNMP trap receivers Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Software Link: https://dl4jz3rbrsfum.cloudfront.net/software/ppbe340-linux-x8664.sh Version:...
PowerPanel Business Edition - Cross-Site Scripting
PowerPanel Business Edition - Cross-Site Scripting Exploit Title: PowerPanel Business Edition - Stored Cross Site Scripting SNMP trap receivers Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Version: 3.4.0 Tested on: Ubuntu 16.04 CVE...
PowerPanel Business Edition - Cross-Site Scripting
Exploit Title: PowerPanel Business Edition - Stored Cross Site Scripting SNMP trap receivers Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Version: 3.4.0 Tested on: Ubuntu 16.04 CVE : Pending CyberPower PowerPanel Business Edition...
Product update: Virtuozzo PowerPanel RTM Hotfix 4 (7.0.1-422)
The new packages for Virtuozzo PowerPanel introduce a new feature as well as usability fixes. Vulnerability id: PP-336 Unable to select key combinations from the "Send Key Combination" list when using Mozilla Firefox. Vulnerability id: PP-506 Update could fail due to a package repository conflict...
Important product update: Virtuozzo PowerPanel RTM Hotfix 3 (7.0.1-415)
The new packages for Virtuozzo PowerPanel introducing new features as well as security and usability fixes. Vulnerability id: CVE-2014-3566, PP-427 Disabled SSLv3 access to the management panel to protect against the POODLE SSLv3 vulnerability...
Product update: Virtuozzo PowerPanel RTM Hotfix 2 (7.0.1-354)
The new packages for Virtuozzo PowerPanel introducing usability bug fixes. Vulnerability id: PP-403 Installation of computes failed to complete if 'nodes.lst' had empty lines. Vulnerability id: PP-401 Unable to join computes due to incorrect repository priorities. Vulnerability id: PP-378 Improve...
Important product security update: Virtuozzo PowerPanel RTM Hotfix 1 (7.0.1-346)
The new packages for Virtuozzo PowerPanel introducing a security fix and usability bug fixes. Vulnerability id: PP-312 Incorrect checking of locked VM accounts in Virtuozzo SDK allowed one to use any password to log in to Virtuozzo PowerPanel in the legacy mode for a VM with such a locked account...
CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval
CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The PowerPanel® Business Edition software from CyberPower provides IT professionals with...
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The...
CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval
Exploit for multiple platform in category web applications CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The PowerPanel® Business Editi...
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval
CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The PowerPanel® Business Edition software from CyberPower provides IT professionals with...
CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval
Summary The PowerPanel® Business Edition software from CyberPower provides IT professionals with the tools they need to easily monitor and manage their backup power. Available for compatible CyberPower UPS models, this software supports up to 250 clients, allowing users remote access from any...