1118 matches found
HTTP TRACE Allowed
The HTTP TRACE method allows a client to send a request to the server, and have the same request sent back in the server's response. This allows the client to determine if the server is receiving the request as expected. Often this method is used for debugging purposes e.g. to verify that a reque...
AlienVault OSSIM/USM Remote Code Execution Exploit
This Metasploit module exploits object injection, authentication bypass and ip spoofing vulnerabilities all together. Unauthenticated users can execute arbitrary commands under the context of the root user. By abusing authentication bypass issue on gauge.php lead adversaries to exploit object...
CVE-2016-9703
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information...
Information disclosure
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information...
CVE-2016-9703
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information...
CVE-2016-9703
CVE-2016-9703 affects IBM Security Identity Manager Virtual Appliance. The root issue is that session tokens are not invalidated, which could allow a local attacker with physical access to obtain sensitive workstation information. Documented impact: partial confidentiality exposure without exploi...
AlienVault OSSIM/USM Remote Code Execution
This module exploits object injection, authentication bypass and ip spoofing vulnerabilities all together. Unauthenticated users can execute arbitrary commands under the context of the root user. By abusing authentication bypass issue on gauge.php lead adversaries to exploit object injection...
AlienVault OSSIMUSM 5.3.1 - Remote Code Execution (Metasploit)
AlienVault OSSIMUSM 5.3.1 - Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "AlienVault OSSIM/USM Remote Code Execution", 'Description' = %q Th...
AlienVault OSSIM/USM < 5.3.1 - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "AlienVault OSSIM/USM Remote Code Execution", 'Description' = %q This module exploits object injection, authentication bypass an...
WordPress Plugin WP Live Chat Support Stored Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation.Live Chat Support is one of the chat plugins. WordPress plugin WP Live Chat Support has a stored cross-site scripting vulnerability that can be exploited by an attacker to log in as a WordPress user and perform...
WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
Because of this vulnerability, an attacker can steal administrators session token or perform other arbitrary actions. Solution Update the WordPress plugin to the newer stable and safe version...
CVE-2016-5722
Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network...
Design/Logic Flaw
Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network...
CVE-2016-5722
CVE-2016-5722 affects Huawei OceanStor storage series (5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, 18500 V3) prior to version V300R003C10 . Root cause: the session token is transmitted in plaintext within the HTTP header, enabling remote attackers to sniff traffic and perform replay at...
CVE-2016-5722
Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network...
AirDroid Patches Vulnerability Exposing Android Data
A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan...
Cisco Unified Communications Manager Denial of Service Vulnerability (CNVD-2015-08374)
Cisco Unified Communications Manager CUCM, Unified CM is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A security vulnerability exists in the Identi...
Janitza UMG Session Token Flaw Vulnerability
The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. Janitza UMG 508, 509, 511, 604,605 has a session-token flaw. Allows a remote attacker to perform calculations on the session-token value and determine the PIN value...
CVE-2015-3973
Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values...
Symantec Endpoint Protection ConsoleServlet ResetPassword Policy Bypass (CVE-2015-1486)
An authentication bypass vulnerability exists in Symantec Endpoint Protection. This vulnerability is due to a design flaw that lets unauthenticated users to retrieve a valid session token. A remote, unauthenticated attacker may exploit this vulnerability to create an admin account and access the...