153 matches found
CVE-2015-4593
eClinicalWorks Population Health CCMR suffers from a cross-site request forgery CSRF vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content administrators for requests that could lead to the creation, modification and deletion of users,...
Joomla! 3.4.4 < 3.6.4 Multiple Vulnerabilities
According to its self-reported version number, the Joomla! installation running on the remote web server is 3.4.4 or later but prior to 3.6.4. It is, therefore, affected by multiple vulnerabilities : - A privilege escalation vulnerability exists in the Joomla! core user registration component due...
CompuSource Systems Real Time Home Banking - Local Privilege Escalation
CompuSource Systems Real Time Home Banking - Local Privilege Escalation Exploit Title: CompuSource Systems - Real Time Home Banking - Local Privilege Escalation/Arbitrary Code Execution Date: 2/25/16 Exploit Author: [email protected] Vendor Homepage: https://www.css4cu.com :...
PHP Server Monitor Multiple CSRF Vulnerabilities
PHP Server Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpserver:monitor";...
Request access to this page. userFullName can be modified.
Steps to reproduce: 1.-Create a page and grant permissions only for you 2.-Modify this url to point to your pageId https://extranet.atlassian.com/pages/viewpage.action?pageId=XXXXXXX&username=scia&userFullName=Scott%2BFarquhar&grantAccess=true 3.- You will be asked to grant Scott Farquhar...
Request access to this page. userFullName can be modified.
Steps to reproduce: 1.-Create a page and grant permissions only for you 2.-Modify this url to point to your pageId https://extranet.atlassian.com/pages/viewpage.action?pageId=XXXXXXX&username=scia&userFullName=Scott%2BFarquhar&grantAccess=true 3.- You will be asked to grant Scott Farquhar...
WSS最新版某处SQL注入直接获取数据
简要描述: WSS最新版某处SQL注入直接获取数据 详细说明: WSS最新版1.3.2 在任务执行人修改处存在SQL注入 defaulttaskedituser.php文件: http://localhost/WSS1.3.2cn/wss/defaulttaskedituser.php csatouser=123' union select 1 from select count,concatfloorrand02,select concat0x23,tkuserlogin,0x23,tkuserpass from tkuser limit 0,1a from...
CGI Script Center Subscribe Me Lite 2.0 Administrative Password Alteration (1)
No description provided by source. source: http://www.securityfocus.com/bid/1607/info Regardless of privilege level, any remote user can modify the administrative password for CGI Script Centers' Subscribe Me Lite. This would grant the user full administrative privileges which includes addition o...
Solaris <= 2.5.1 rsh socket descriptor Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/453/info A vulnerability in rsh exists that can allow a regular user to modify a root owned socket descriptor. The consequences of this are a possible denial of service due to interfaces being manipulated by malicious...
CVE-2014-1685
The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors...
CVE-2014-1934
tag.py in eyeD3 aka python-eyed3 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file...
Nessus本地权限提升漏洞
Nessus是一款流行的系统漏洞扫描与分析软件。 Nessus恶意进程检测插件存在安全漏洞,由于该插件会创建一个以SYSTEM运行的服务程序,并且低权限用户可允许修改该程序,允许攻击者利用漏洞创建恶意程序并执行,提升权限。 0 Nessus appliance engine 5.2.1 目前没有详细解决方案提供: http://www.nessus.org/...
Blue Coat ProxySG Local User Modification Race Condition
The remote Blue Coat ProxySG device's SGOS self-reported version is prior to 6.5.4.0. It is, therefore, potentially affected by a race condition issue during the time before the new changes take effect after a local user account modification due to configuration caching. User account modification...
CVE-2013-6412
The transformsave function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors...
Raidsonic NAS Devices Unauthenticated Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Raidsonic NAS Devices Unauthenticated...
Wind news. net version arbitrary code execution(the official has demo)-vulnerability warning-the black bar safety net
Registered users, published articles, capture modification of the package, killed First look at the uploads directory has no execute permissions, and found no, it seems to be in the bag. ! 1 ! 2 ! 3 ! 4...
CVE-2013-1815
A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications...
Assi website promotion system 4.0 injection vulnerability-vulnerability warning-the black bar safety net
Title: Assi website promotion system 4.0 injection vulnerability Time: 2011-10-29 Team:90sec Author: mer4en7y POST data is not filtered: if$post=="post" $dizhi=$POST'dizhi'; $youbian = $POST'youbian'; $qq = $POST'qq'; $dianhua = $POST'dianhua'; $shenfenzheng = $POST'shenfenzheng';...
Cuteflow 2.10.3 - edituser.php Security Bypass
Cuteflow 2.10.3 - edituser.php Security Bypass It's possible edit the users including the admin account, bypassing the authentication through the address: http://localhost/cuteflow/pages/edituser.php?userid=1&language=pt&sortby=st rLastName&sortdir=ASC&start=1 The vulnerability is caused due to t...
Cuteflow 2.10.3 edituser.php Security Bypass Vulnerability
Exploit for unknown platform in category web applications ========================================================== Cuteflow 2.10.3 edituser.php Security Bypass Vulnerability ========================================================== It's possible edit the users including the admin account,...