Lucene search
K

152 matches found

Openbugbounty
Openbugbounty
added 2018/03/29 9:11 p.m.20 views

byu.edu Improper Access Control vulnerability

Open Bug Bounty ID: OBB-593635 Description| Value ---|--- Affected Website:| byu.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

Exploits0
Packet Storm
Packet Storm
added 2017/12/27 12:0 a.m.43 views

DotNetNuke DreamSlider 01.01.02 Arbitrary File Download

Exploit Title: DotNetNuke DreamSlider Arbitrary File Download Date: 23/01/2014 Author: Glafkos Charalambous Version: 01.01.02 Vendor: DreamSlider Vendor URL: http://www.dreamslider.com/ Google Dork: inurl:/DesktopModules/DreamSlider/ CVE: Description DotNetNuke DreamSlider Module prior to version...

7.4AI score
Exploits0
Veeam
Veeam
added 2017/11/10 8:9 a.m.17 views

General Security Guidelines for Veeam Self-Service Backup Portal

Security Considerations The security advice in this article is provided as a courtesy and is not intended to replace the advice of a professional security consultant. The advice in this article has been tested with the assumption that the machine operating Veeam Backup Enterprise Manager and/or...

5.8AI score
Exploits0
Citrix
Citrix
added 2017/02/03 12:0 a.m.6 views

StoreFront upgrade fails ""The process cannot access the file 'C:\inetpub\wwwroot\Citrix\<store name>\web.config' because it is being used by another process."

In the MSI logs under C:\windows\temp\storefront we see the following exception: "The process cannot access the file 'C:\inetpub\wwwroot\Citrix\web.config' because it is being used by another process."...

7.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.25 views

Description of Update Rollup 2 for System Center 2012 R2 Service Provider Foundation

Description of Update Rollup 2 for System Center 2012 R2 Service Provider Foundation Summary This article describes the issues that are fixed in Update Rollup 2 for Microsoft System Center 2012 R2 Service Provider Foundation SPF. Additionally, this article contains the installation instructions f...

6.9AI score
Exploits0
Citrix
Citrix
added 2016/09/12 12:0 a.m.8 views

Password settings in Web.Config file for PNAgent changes automatically when "Configure XenApp Services Support" Console is opened in Storefront Snapin.

You have modified web.config file manually or using EnablePnaForStore.ps1 for PNAgent site for the Password Options. When you open "Configure XenApp Services Support" Console and click OK on it, the settings change back...

7.1AI score
Exploits0
CNVD
CNVD
added 2016/09/03 12:0 a.m.3 views

Arbitrary File Download Vulnerability in Beijing Zhiqingweiye Submission System

Beijing Zhiqingweiye Submission System is a CMS system for all kinds of topics or magazines, which can be submitted remotely. The product has an arbitrary file download vulnerability, the vulnerability URL is: /Admin/Upload/Index?path=%2Fweb.config&fileName=%E9%99%84%E5%9B%BE&Browser=IE, an...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2016/06/14 12:0 a.m.5 views

EMC RSA Archer eGRC Information Disclosure Vulnerability

EMC RSA Archer eGRC is an enterprise IT governance and compliance governance product from EMC Corporation EMC. The product can be used to manage enterprise risk, automate business processes, and more. A security vulnerability exists in the EMC RSA Archer eGRC 5.5.x release. A remote attacker can...

6.3CVSS7.1AI score0.0083EPSS
Exploits0References1
Veeam
Veeam
added 2016/01/15 12:0 a.m.17 views

How to Force Enterprise Manager Login to Use Form-Based Authentication

Article Applicability This article applies to Veeam Backup & Replication 12.x and older, as in those versions, the default was for Veeam Backup Enterprise Manager to utilize a Windows Authentication pop-up key="useWindowsAuth" value="true". Starting in Veeam Backup Enterprise Manager v13, the...

5.8AI score
Exploits0Affected Software1
CNVD
CNVD
added 2015/10/31 12:0 a.m.3 views

Xuzhou Huawei Information Technology Co., Ltd. electronic document management system contains file inclusion vulnerabilities

Xuzhou City, China Network Information Technology Co., Ltd. electronic document management system is to achieve the school's electronic documents such as electronic lesson plans, classroom materials, rules and regulations, management documents, audio-visual materials, photographs, etc.,...

6.8AI score
Exploits0References1
Citrix
Citrix
added 2015/10/27 12:0 a.m.7 views

Desktop Viewer is Showing Up Even though it has been Disabled Through the web.config File

Desktop Viewer is showing up even though it has been disabled through the web.config file...

7.2AI score
Exploits0
CNVD
CNVD
added 2015/06/23 12:0 a.m.2 views

File Containment Vulnerability in Hangzhou Ancai Network Reimbursement System (CNVD-2017-02374)

Hangzhou Ancai Network Reimbursement System is an online reimbursement system that supports online bill of lading and online approval for employees, bidding farewell to paper transmission and improving the timeliness, safety and standardization of information transmission. A file inclusion...

7AI score
Exploits0References1
CNVD
CNVD
added 2015/06/23 12:0 a.m.7 views

File Containment Vulnerability in Hangzhou Ancai Network Reimbursement System

Hangzhou Ancai Network Reimbursement System is an online reimbursement system that supports online bill of lading and online approval for employees, bidding farewell to paper transmission and improving the timeliness, safety and standardization of information transmission. A file inclusion...

7AI score
Exploits0References1
0day.today
0day.today
added 2014/10/28 12:0 a.m.56 views

HttpCombiner ASP.NET - Remote File Disclosure Vulnerability

Exploit for asp platform in category web applications Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/10/07 12:0 a.m.24 views

HttpCombiner ASP.NET - Remote File Disclosure

HttpCombiner ASP.NET - Remote File Disclosure Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2014/07/17 12:0 a.m.70 views

某教育类通用cms任意文件下载漏洞

简要描述: 某教育类通用cms任意文件下载漏洞 详细说明: 不知道算不算通用 可下载web.config文件,数据库信息文件泄露 http://sbc.xzit.edu.cn/hxjc/DownLoad.aspx?Accessory=../web.config http://hedds.njutcm.edu.cn/DownLoad.aspx?Accessory=../web.config http://www.emcjs.org/DownLoad.aspx?Accessory=../web.config...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.63 views

Namad (IMenAfzar) 2.0.0.0 - Remote File Disclosure Vulnerability

No description provided by source. Securitylab.ir Application Info: Name: Namad Version: 2.0.0.0 Website: http://imenafzar.com Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Remote File Download...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.229 views

DNN &#40;DotNetNuke®&#41; EasyDnnGallery Module Arbitrary File Download Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNN DotNetNuke® EasyDnnGallery Module Arbitrary File Download Vulnerability Author : alieye vendor : http://www.easydnnsolutions.com/ , http://store.dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork...

2.3AI score
Exploits0
Packet Storm
Packet Storm
added 2014/06/09 12:0 a.m.35 views

DotNetNuke dnnUI_NewsArticlesSlider Arbitrary File Download

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNN DotNetNuke® dnnUINewsArticlesSlider Module Arbitrary File Download Vulnerability Author : alieye vendor : http://www.dnnui.com/ , http://store.dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork:...

Exploits0
Packet Storm
Packet Storm
added 2012/03/21 12:0 a.m.26 views

.NET Form Authentication Insecure Redirect

Seeker Research Center Security Advisory By Irene Abezgauz =========== I. Overview =========== An Insecure Redirect vulnerability has been identified in the .NET Form Authentication - in the Redirect From Login mechanism. This vulnerability allows an attacker to craft links that contain redirects...

7.4AI score
Exploits0
Rows per page
Query Builder