481 matches found
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-5628
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML...
Dentsply Sirona CDR DICOM Hardcoded Credentials Security Bypass Vulnerability
Dentsply Sirona CDR DICOM is a software package for managing medical dental records. A security vulnerability exists in Dentsply Sirona CDR DICOM 5 and prior versions, which stems from the program containing hard-coded database credentials. A remote attacker could exploit the vulnerability to gai...
Siemens SIPROTEC 4/SIPROTEC Compact Authentication Bypass Vulnerability
SIPROTEC 4 and SIPROTEC Compact devices provide a wide range of centralized protection, control and automation functions for substations and other applications. An authentication bypass vulnerability exists in Siemens SIPROTEC 4, SIPROTEC Compact devices, versions prior to EN100 Ethernet 4.29. A...
SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change
#!/bin/bash SIEMENS IP Camera CCMW1025 x.2.2.1798 remote change admin user/password. Copyright 2016 (c) Todor Donev http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous programs is for Educational purpose ONLY. Do not use it without permission. The usu...
Open Upload 0.4.2 - Cross-Site Request Forgery (Add Admin)
Open Upload 0.4.2 Remote Admin Add CSRF Exploit and Changing Normal user permission...
Open Upload 0.4.2 - Cross-Site Request Forgery (Add Admin)
Exploit for php platform in category web applications. Open Upload 0.4.2 Remote Admin Add CSRF Exploit and Changing Normal user permission...
Quick.Cart.Ext 6.7 Cross Site Request Forgery
<input type="hidden" name="aPrivilages...
Yona CMS 1.3.x Cross Site Request Forgery
Exploit Title: Yona CMS document.forms[0].submit();...
Ionize CMS 1.0.8 Cross Site Request Forgery
Exploit Title: IonizeCMS document.forms[0].submit();...
IonizeCMS 1.0.8 - Cross-Site Request Forgery (Add Admin)
document.forms[0].submit();...
Yona CMS - Cross-Site Request Forgery
Exploit for php platform in category web applications. document.forms[0].submit(); 0day.today 2018-01-08...
CVE-2015-7792
Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors...
CVE-2015-7911
Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via...
PT-2015-2867
Name of the Vulnerable Software and Affected Versions: Juniper ScreenOS versions 6.2.0r15 through 6.2.0r18; Juniper ScreenOS versions 6.3.0r12 before 6.3.0r12b; Juniper ScreenOS versions 6.3.0r13 before 6.3.0r13b; Juniper ScreenOS versions 6.3.0r14 before 6.3.0r14b; Juniper ScreenOS versions 6.3.0r15...
JSPMySQL Administrador CSRF & XSS Vulnerabilities
Credits: hyp3rlinx. Website: hyp3rlinx.altervista.org. Source: http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt Vendor: JSPMySQL Administrador https://sites.google.com/site/mfpledon/producao-de-software Product:...
ICZ MATCHA SNS Privilege Access Control Vulnerability
ICZ MATCHA SNS is a set of SNS software from ICZ Japan. A security vulnerability exists in ICZ MATCHA SNS 1.3.6 and earlier versions. A remote attacker can exploit this vulnerability to gain administrator privileges...