Lucene search
+L

3023 matches found

prion
prion
added 2012/08/12 4:55 p.m.17 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in SolarWinds Orion Network Performance Monitor NPM before 10.3.1 allow remote attackers to hijack the authentication of administrators for requests that 1 create user accounts via CreateUserStepContainer actions to...

6.8CVSS7.7AI score0.05979EPSS
Exploits1References6Affected Software1
nvd
nvd
added 2012/08/12 4:55 p.m.18 views

CVE-2012-2602

Multiple cross-site request forgery CSRF vulnerabilities in SolarWinds Orion Network Performance Monitor NPM before 10.3.1 allow remote attackers to hijack the authentication of administrators for requests that 1 create user accounts via CreateUserStepContainer actions to...

6.8CVSS7.2AI score0.05979EPSS
Exploits1References6
prion
prion
added 2012/08/12 4:55 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SolarWinds Orion Network Performance Monitor NPM before 10.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 syslocation, 2 syscontact, or 3 sysName field of an snmpd.conf file...

4.3CVSS6AI score0.1021EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2012/08/12 4:0 p.m.25 views

CVE-2012-2577

Multiple cross-site scripting XSS vulnerabilities in SolarWinds Orion Network Performance Monitor NPM before 10.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 syslocation, 2 syscontact, or 3 sysName field of an snmpd.conf file...

5.7AI score0.1021EPSS
Exploits1References5
cvelist
cvelist
added 2012/08/12 4:0 p.m.23 views

CVE-2012-2602

Multiple cross-site request forgery CSRF vulnerabilities in SolarWinds Orion Network Performance Monitor NPM before 10.3.1 allow remote attackers to hijack the authentication of administrators for requests that 1 create user accounts via CreateUserStepContainer actions to...

7.2AI score0.05979EPSS
Exploits1References6
cve
cve
added 2012/08/12 4:0 p.m.48 views

CVE-2012-2602

CVE-2012-2602 affects SolarWinds Orion Network Performance Monitor (NPM) prior to 10.3.1, enabling CSRF attacks that can hijack administrator sessions to: (1) create new user accounts via CreateUserStepContainer on Admin/Accounts/Add/OrionAccount.aspx and (2) modify account privileges via a ynAdm...

6.8CVSS7.4AI score0.05979EPSS
Exploits1References6Affected Software1
cve
cve
added 2012/08/12 4:0 p.m.45 views

CVE-2012-2577

SolarWinds Orion NPM versions prior to 10.3.1 are affected by CVE-2012-2577 due to multiple XSS vulnerabilities that allow injection via the syslocation, syscontact, or sysName fields in snmpd.conf. Connected sources (NVD and Nessus NASL) corroborate that SolarWinds Orion NPM

4.3CVSS5.8AI score0.1021EPSS
Exploits1References5Affected Software1
cert
cert
added 2012/08/03 12:0 a.m.41 views

Solarwinds Network Performance Monitor 10.2.2 contains multiple vulnerabilities

Overview Solarwinds Network Performance Monitor 10.2.2 and possibly earlier versions contain a cross-site scripting XSS, and cross-site request forgery CSRF vulnerability. Description Solarwinds Network Performance Monitor 10.2.2 can be attacked by modifying the snmpd.conf file with malicious...

6.8CVSS7.5AI score0.1021EPSS
Exploits2References1
exploitpack
exploitpack
added 2012/07/21 12:0 a.m.17 views

SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities

SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities / Exploit Title: SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities Date: Jul 21 2012 Author: muts Version: SolarWinds Orion Network Performance Monitor 10.2.2 Vendor URL:...

0.2AI score
Exploits0
exploitdb
exploitdb
added 2012/07/21 12:0 a.m.46 views

SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities

/ Exploit Title: SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities Date: Jul 21 2012 Author: muts Version: SolarWinds Orion Network Performance Monitor 10.2.2 Vendor URL: http://www.solarwinds.com/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012:...

7.4AI score
Exploits0
zdt
zdt
added 2012/07/20 12:0 a.m.32 views

SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities

Exploit for windows platform in category web applications / Exploit Title: SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities Date: Jul 21 2012 Author: muts Version: SolarWinds Orion Network Performance Monitor 10.2.2 Vendor URL: http://www.solarwinds.com/ Timeline: 29 M...

7.1AI score
Exploits0
saint
saint
added 2012/05/17 12:0 a.m.30 views

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

0.7AI score
Exploits0
saint
saint
added 2012/05/17 12:0 a.m.27 views

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

0.7AI score
Exploits0
saint
saint
added 2012/05/17 12:0 a.m.39 views

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

8.3AI score
Exploits0
saint
saint
added 2012/05/17 12:0 a.m.21 views

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

8.3AI score
Exploits0
nessus
nessus
added 2012/05/16 12:0 a.m.35 views

SolarWinds Storage Manager Server LoginServlet loginName Parameter SQL Injection

The version of SolarWinds Storage Manager running on the remote host has a SQL injection vulnerability in the 'loginName' parameter of the 'LoginServlet' page. An attacker can leverage this flaw to bypass authentication, execute arbitrary SQL commands on the underlying database, and possibly...

6.4AI score
Exploits0References2
nessus
nessus
added 2012/05/16 12:0 a.m.20 views

SolarWinds Storage Manager Detection

SolarWinds Storage Manager was detected on the remote host. SolarWinds Storage Manager is a web-based storage management application. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid59115; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/22";...

5.5AI score
Exploits0References1
packetstorm
packetstorm
added 2012/05/06 12:0 a.m.20 views

Solarwinds Storage Manager 5.1.0 SQL Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Solarwinds Storag...

0.8AI score
Exploits0
metasploit
metasploit
added 2012/05/04 1:24 a.m.19 views

Solarwinds Storage Manager 5.1.0 SQL Injection

This module exploits a SQL injection found in Solarwinds Storage Manager login interface. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. This module requires Metasploi...

8.2AI score
Exploits0
zdt
zdt
added 2012/05/04 12:0 a.m.13 views

Solarwinds Storage Manager 5.1.0 SQL Injection

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.1AI score
Exploits0
Rows per page
Query Builder