Lucene search
K

123 matches found

Saint
Saint
added 2013/02/04 12:0 a.m.53 views

Adobe InDesign Server SOAP interface RunScript command execution

Added: 02/04/2013 BID: 56574 OSVDB: 87548 Background Adobe InDesign is a desktop publishing application. It includes a server interface providing an API for software developers using SOAP. Problem The SOAP interface in Adobe InDesign Server allows remote, unauthenticated attackers to run arbitrar...

7.8AI score
Exploits0
Saint
Saint
added 2013/02/04 12:0 a.m.96 views

Adobe InDesign Server SOAP interface RunScript command execution

Added: 02/04/2013 BID: 56574 OSVDB: 87548 Background Adobe InDesign is a desktop publishing application. It includes a server interface providing an API for software developers using SOAP. Problem The SOAP interface in Adobe InDesign Server allows remote, unauthenticated attackers to run arbitrar...

1.5AI score
Exploits0
Saint
Saint
added 2013/02/04 12:0 a.m.36 views

Adobe InDesign Server SOAP interface RunScript command execution

Added: 02/04/2013 BID: 56574 OSVDB: 87548 Background Adobe InDesign is a desktop publishing application. It includes a server interface providing an API for software developers using SOAP. Problem The SOAP interface in Adobe InDesign Server allows remote, unauthenticated attackers to run arbitrar...

1.5AI score
Exploits0
OpenVAS
OpenVAS
added 2012/08/28 12:0 a.m.14 views

Oracle WebLogic Server Multiple Security Bypass Vulnerabilities

Oracle WebLogic Server is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.2AI score
Exploits0References6
Saint
Saint
added 2012/08/17 12:0 a.m.20 views

Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability

Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...

8.1AI score
Exploits0
securityvulns
securityvulns
added 2012/08/13 12:0 a.m.44 views

Oracle Business Transaction Management Server FlashTunnelService Remote File Deletion

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService Remote File Deletion tested against: Microsoft Windows Server 2003 r2 sp2 Oracle WebLogic Server 12c 12.1.1 Oracle Business Transaction Management Server 12.1.0.2.7 Production version files tested:...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2012/08/13 12:0 a.m.28 views

Oracle Business Transaction Management Server directory traversal

FlashTunnelService allows arbitrary files deletion via SOAP interface...

4.6AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2012/08/07 12:0 a.m.35 views

Oracle BTM 12.1.0.2.7 Remote File Deletion

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService Remote File Deletion tested against: Microsoft Windows Server 2003 r2 sp2 Oracle WebLogic Server 12c 12.1.1 Oracle Business Transaction Management Server 12.1.0.2.7 Production version files tested:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/08/07 12:0 a.m.35 views

Oracle BTM Server 12.1.0.2.7 Remote Code Execution

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService WriteToFile Message Remote Code Execution Exploit tested against: Microsoft Windows Server 2003 r2 sp2 Oracle WebLogic Server 12c 12.1.1 Oracle Business Transaction Management Server 12.1.0.2.7 Production version files...

Exploits0
Tenable Nessus
Tenable Nessus
added 2012/06/13 12:0 a.m.33 views

FreeBSD : mantis -- multiple vulnerabilities (55587adb-b49d-11e1-8df1-0004aca374af)

Mantis reports : Roland Becker and Damien Regad MantisBT developers found that any user able to report issues via the SOAP interface could also modify any bugnotes comments created by other users. In a default/typical MantisBT installation, SOAP API is enabled and any user can sign up to report n...

7.5CVSS5.4AI score0.03829EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2012/06/09 12:0 a.m.45 views

mantis -- multiple vulnerabilities

Mantis reports: Roland Becker and Damien Regad MantisBT developers found that any user able to report issues via the SOAP interface could also modify any bugnotes comments created by other users. In a default/typical MantisBT installation, SOAP API is enabled and any user can sign up to report ne...

7.5CVSS6.3AI score0.03829EPSS
Exploits1References2
securityvulns
securityvulns
added 2012/06/03 12:0 a.m.100 views

DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection

Title ----- DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection Severity -------- High Date Discovered --------------- April 12, 2012 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Chris Graham and r@b13$ Vulnerability Description...

0.7AI score
Exploits0
Metasploit
Metasploit
added 2011/12/16 5:9 a.m.26 views

Novell eDirectory eMBox Unauthenticated File Access

This module will access Novell eDirectory's eMBox service and can run the following actions via the SOAP interface: GETDN, READLOGS, LISTSERVICES, STOPSERVICE, STARTSERVICE, SETLOGFILE. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS0.4AI score0.58179EPSS
Exploits3
Exploit DB
Exploit DB
added 2011/10/24 12:0 a.m.40 views

SAP Management Console - OSExecute Payload Execution (Metasploit)

$Id: sapmgmtconosexecpayload.rb 14048 2011-10-24 16:42:07Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/10/23 12:0 a.m.24 views

SAP Management Console OSExecute Payload Execution

Exploit for php platform in category web applications $Id: sapmgmtconosexecpayload.rb 14048 2011-10-24 16:42:07Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2011/10/22 9:33 p.m.19 views

SAP Management Console OSExecute

This module allows execution of operating system commands through the SAP Management Console SOAP Interface. A valid username and password must be provided. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.8AI score
Exploits0
Metasploit
Metasploit
added 2011/10/22 8:3 p.m.32 views

SAP Management Console Get Access Points

This module simply attempts to output a list of SAP access points through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console Get...

0.5AI score
Exploits0
Metasploit
Metasploit
added 2011/10/22 8:3 p.m.34 views

SAP Management Console Get Process Parameters

This module simply attempts to output a SAP process parameters and configuration settings through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.121 views

[USN-1137-1] Eucalyptus vulnerability

========================================================================== Ubuntu Security Notice USN-1137-1 May 26, 2011 eucalyptus, rampart vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

6.5CVSS0.6AI score0.02174EPSS
Exploits0
Metasploit
Metasploit
added 2011/03/02 6:46 p.m.50 views

SAP Management Console Brute Force

This module simply attempts to brute force the username and password for the SAP Management Console SOAP Interface. If the SAPSID value is set it will replace instances of in any user/pass from any wordlist. This module requires Metasploit: https://metasploit.com/download Current source:...

7.1AI score
Exploits0
Rows per page
Query Builder