Lucene search
K

708 matches found

OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.7 views

Fedora Update for jenkins-remoting FEDORA-2014-15776

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Metasploit
Metasploit
added 2014/12/04 10:6 p.m.85 views

Powershell Remoting Remote Command Execution

This module uses Powershell Remoting TCP 47001 to inject payloads on target machines. If RHOSTS are specified, it will try to resolve the IPs to hostnames, otherwise use a HOSTFILE to supply a list of known hostnames. This module requires Metasploit: https://metasploit.com/download Current source...

7.5CVSS0.63703EPSS
Exploits13
myhack58
myhack58
added 2014/11/25 12:0 a.m.19 views

CVE-2 0 1 4-1 8 0 6 . NET Remoting Services vulnerability analysis-vulnerability warning-the black bar safety net

0x00 description Microsoft . NET Remoting is a distributed processing manner, there is provided a method that allows the object by the application domain with the other objects to interact with the framework. A few days ago James Forshaw posted a CVE-2 0 1 4-1 8 0 6 . NET Remoting Services exploi...

0.9AI score
Exploits0
myhack58
myhack58
added 2014/11/25 12:0 a.m.14 views

. NET remote code execution MS14-0 2 6/CVE-2 0 1 4-1 8 0 6-a vulnerability warning-the black bar safety net

今天 看 到 小 猪 在 safekey 的 群 里面 说 关注 了 很 久 了 一 个 .NET a remote code execution vulnerability exp discloses, then immediately go to exploit-db to find the next find the it. This is Microsoft in 1 4 years 5 months has released a patch for a vulnerability that is MS14-0 2 6/CVE-2 0 1 4-1 8 0 6, bug the...

0.5AI score
Exploits0
NVD
NVD
added 2014/11/24 2:59 a.m.18 views

CVE-2014-5326

Cross-site scripting XSS vulnerability in Direct Web Remoting DWR through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.01148EPSS
Exploits0References2
CVE
CVE
added 2014/11/24 2:0 a.m.90 views

CVE-2014-5326

CVE-2014-5326 : Direct Web Remoting (DWR) has a cross-site scripting (XSS) vulnerability in versions up to 2.0.10 and 3.x up to 3.0.RC2. A remote attacker could inject arbitrary script/HTML via unspecified vectors in pages using DWR. Public details are consistent across IBM and SUSE advisories co...

4.3CVSS5.7AI score0.01148EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/11/24 2:0 a.m.26 views

CVE-2014-5326

Cross-site scripting XSS vulnerability in Direct Web Remoting DWR through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.6AI score0.01148EPSS
Exploits0References2
exploitpack
exploitpack
added 2014/11/17 12:0 a.m.77 views

.NET Remoting Services - Remote Command Execution

.NET Remoting Services - Remote Command Execution Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35280.zip ExploitRemotingService c 2014 James Forshaw...

10CVSS0.2AI score0.39589EPSS
Exploits4
0day.today
0day.today
added 2014/11/17 12:0 a.m.1404 views

.NET Remoting Services Remote Command Execution Vulnerability

Exploit for windows platform in category remote exploits Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: http://www.exploit-db.com/sploits/35280.zip ExploitRemotingService c 2014 James Forshaw ============================================= A tool to exploit .NET...

10CVSS6.5AI score0.39589EPSS
Exploits4
Exploit DB
Exploit DB
added 2014/11/17 12:0 a.m.150 views

.NET Remoting Services - Remote Command Execution

Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35280.zip ExploitRemotingService c 2014 James Forshaw ============================================= A tool to exploit .NET Remoting...

10CVSS7AI score0.39589EPSS
Exploits4
GithubExploit
GithubExploit
added 2014/11/14 6:43 p.m.6 views

Exploit for Code Injection in Microsoft

ExploitRemotingService c 2014 James Forshaw ==================...

10CVSS7.5AI score0.39589EPSS
Exploits4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/11/14 5:37 a.m.6 views

Direct Web Remoting (DWR) vulnerable to cross-site scripting

Overview Direct Web Remoting DWR is a Java framework for developing Ajax into web applications. DWR contains a cross-site scripting vulnerability CWE-79. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

4.3CVSS5.9AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/11/14 5:33 a.m.1 views

Direct Web Remoting (DWR) vulnerable to XML external entity injection

Overview Direct Web Remoting DWR is a Java framework for developing Ajax into web applications. DWR contains an XML external entity injection vulnerability CWE-611. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

5.8CVSS7.2AI score0.02318EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/11/14 12:0 a.m.67 views

JVN#52422792: Direct Web Remoting (DWR) vulnerable to cross-site scripting

Direct Web Remoting DWR is a Java framework for developing Ajax into web applications. DWR contains a cross-site scripting vulnerability CWE-79. Impact Arbitrary JavaScript may be executed on the user's web browser. Solution Update the Software Update to the latest version of DWR according to the...

4.3CVSS5.6AI score0.01148EPSS
Exploits0
seebug.org
seebug.org
added 2014/11/13 12:0 a.m.24 views

Numara / BMC Track-It! FileStorageService Arbitrary File Upload

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...

7.1AI score0.80095EPSS
Exploits15
Prion
Prion
added 2014/11/11 10:55 p.m.25 views

Security feature bypass

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."...

9.3CVSS8.1AI score0.21441EPSS
Exploits3References3Affected Software1
MSRC
MSRC
added 2014/11/11 8:0 a.m.8 views

MS14-072: .NET Remoting Elevation of Privilege Vulnerability

Today Microsoft shipped MS14-072 to the .NET Framework to address an Elevation of Privilege EOP vulnerability in the .NET Remoting feature. This update fixes a specific issue in .NET Remoting that permitted specially crafted remote endpoints to take advantage of this vulnerability. What is .NET...

6.8AI score
Exploits0
0day.today
0day.today
added 2014/10/21 12:0 a.m.63 views

Numara / BMC Track-It! FileStorageService Arbitrary File Upload Exploit

This Metasploit module exploits an arbitrary file upload vulnerability in Numara / BMC Track-It! v8 to v11.X. The application exposes the FileStorageService .NET remoting service on port 9010 9004 for version 8 which accepts unauthenticated uploads. This can be abused by a malicious user to uploa...

7.5CVSS0.4AI score0.80095EPSS
Exploits15
Packet Storm
Packet Storm
added 2014/10/21 12:0 a.m.43 views

Numara / BMC Track-It! FileStorageService Arbitrary File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Numara / BMC Track-It! FileStorageService Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file upload...

7.5CVSS9.5AI score0.80095EPSS
Exploits15
Exploit DB
Exploit DB
added 2014/10/21 12:0 a.m.81 views

Numara / BMC Track-It! FileStorageService - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Numara / BMC Track-It! FileStorageService Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file upload...

7.5CVSS7.4AI score0.80095EPSS
Exploits15
Rows per page
Query Builder