CVE-2018-7235

Schneider Electric Pelco Sarix Professional devices running firmware before 3.29.67 are vulnerable to arbitrary system file download caused by lack of validation of shell metacharacters in the system.download.sd_file parameter. Exploitation is network-vector with high impact (CVE-2018-7235; CVSS ...

CVE-2018-7234

Schneider Electric Pelco Sarix Professional devices running firmware older than 3.29.67 are affected by an arbitrary system file download vulnerability. The issue arises from insufficient validation in SSL/TLS handling, enabling an attacker to download arbitrary files via the /cgi-bin/ssldownload...

CVE-2018-7234

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate...

CVE-2018-7237

Summary: The vulnerability CVE-2018-7237 affects Schneider Electric’s Pelco Sarix Professional cameras. In firmware versions prior to 3.29.67, an attacker could remotely trigger deletion of arbitrary system files due to lack of validation of the /login/bin/set_param parameter value for system.del...

OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read

Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Explo...

Philips' DoseWise Portal Plaintext Storage Vulnerability

Philips' DoseWise Portal is a web-based reporting and tracking tool for radiation exposure. A plaintext storage vulnerability exists in Philips' DoseWise Portal. An attacker obtains text web application store login credentials in a back-end system file...

Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability

A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller APIC devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system...

Fiyo CMS SQL Injection Vulnerability (CNVD-2017-23895)

Fiyo CMS is a content management system CMS for creating CMS templates. A SQL injection vulnerability exists in the dapur/apps/appcomment/syscomment.php file in Fiyo CMS version 2.0.7. A remote attacker can exploit the vulnerability with $POST'comment', $POST'name', $POST'web', $POST'email',...

HP OpenCall Media Platform Remote Code Execution Vulnerability

HP OpenCall Media Platform is a suite of voice and video servers for developing and deploying messaging, portal and interactive services. A remote code execution vulnerability exists in HP OpenCall Media Platform, which could allow a remote attacker to exploit the vulnerability with a specific...

Authentication flaw

A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and...

CVE-2017-2331

A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and...

CVE-2017-6614

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

Design/Logic Flaw

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

Cisco FindIT Network Probe Information Disclosure Vulnerability

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access control RB...

Bull / IBM AIX Clusterwatch/Watchware - Multiple Vulnerabilities

Exploit for cgi platform in category web applications Bull Clusterwatch/Watchware is a VERY VERY OLD tool used by sysadmins to manage their AIX clusters. Marble effect in the web banner and questionable font: it smells the 90s ! Tool is mainly a web app with CGIs shell scripts and binaries and we...

CVE-2016-6648

EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may...

CVE-2016-6648

EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may...

CVE-2016-6648

Affected software : EMC RecoverPoint (before 4.4.1.1) and EMC RecoverPoint for Virtual Machines (before 5.0). Vulnerability : Local information disclosure due to incorrect permissions on a sensitive system file. Actor/Trigger : A malicious administrator with configuration privileges can access th...

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-17-0001: System file inclusion when adding own preset file in Boost theme MSA-17-0002: Incorrect sanitation of attributes in forums MSA-17-0003: PHPMailer vulnerability in no-reply address MSA-17-0004: XSS in assignment submission page...

F5 BIG-IP - BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2016-5700

F5 BIG-IP virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command executi...