1630 matches found
MarcomCentral FusionPro VDP Creator Directory Traversal
!/usr/bin/env python ''' Exploit Title: MarcomCentral FusionPro VDP Creator :/Windows/System32/drivers/etc/hosts. No slash-dot-dots /../.. are required, but you can add some if you want. Note that the slashes are forward slashes! By default, the service sets up a listener on port 8080. Vendor...
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11
Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 Vaadin 10.0.0 through 10.0.7, and Vaadin 11.0.0 through 11.0.2 allows attacker to update element property values via crafted synchronization message. See CWE-754: Improper Check for Unusual or Exceptional...
Privilege Escalation
ASP.NET Core and .NET Core are affected by a privilege escalation vulnerability. An unauthenticated attacker could submit malicious input which would lead to privilege escalation due to the way the web request handler handles web requests...
The vulnerability of the NVBUEventHistory Get request handler in the NetVault Backup software allows a attacker to execute arbitrary code.
The vulnerability of the NVBUEventHistory Get request handler in the NetVault Backup data archiving and restoration software lies in the insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code...
The vulnerability of the NVBUTransferHistory Get request handler in the NetVault Backup software allows a attacker to execute arbitrary code.
The vulnerability of the NVBUTransferHistory Get request handler in the NetVault Backup software for data archiving and restoration is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the request handler of the NVBUSourceDeviceSet Get function in the software for data archiving and restoration by NetVault Backup allows a attacker to execute arbitrary code.
The vulnerability of the NVBUSourceDeviceSet Get request handler in software for data archiving and restoration in NetVault Backup is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
CVE-2017-16930
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging...
CVE-2017-16930
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging...
CVE-2017-12629
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML extern...
Ipswitch WhatsUp Gold < 16.4 Multiple Vulnerabilities
The remote host has a version of Ipswitch WhatsUp Gold installed that is prior to 16.4.0. It is, therefore, affected by the following vulnerabilities : - Multiple SQL injection vulnerabilities exist due to improper sanitization of user-supplied input to the 'sUniqueID' parameter and the 'find...
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set shell=createobject"Shel...
Dell ScriptLogic Asset Manager GetClientPackage SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell ScriptLogic Asset Manager, also known as Quest Workspace Asset Manager. Authentication is not required to exploit this vulnerability. To exploit this security flaw, an attacker would make a...
Symantec-Endpoint-Protection-Manager
Symantec has an http request handler called ConfigServerHandler that is programmatically restricted to only handle requests that come from localhost. I guess when they wrote this they just assumed that there was never going to be a way to send untrusted input to it since it was always going to be...
CVE-2014-9304
Plex Media Server before 0.9.9.3 allows remote attackers to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handler in the backend web...
Server side request forgery (ssrf)
Plex Media Server before 0.9.9.3 allows remote attackers to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handler in the backend web...
UBUNTU-CVE-2014-2739
The cmareqhandler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet aka RoCE address that is properly resolved within a different module, which allows remote attackers to cause a denial of service incorrect...
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
The 1 UpdateRequestHandler for XSLT or 2 XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, different...
DEBIAN-CVE-2013-6408
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...