155 matches found
Glassdoor: web.xml configuration file disclosure
Information disclosed via https://www.glassdoor.com/web.xml which has been resolved. Thanks, @stregh for your report and find. Looking forward to more reports from you. CVE-2021-34429 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N...
Sysaid 20.1.11 b26 - Remote Command Execution
Exploit Title: Sysaid 20.1.11 b26 - Remote Command Execution Google Dork: intext:"Help Desk Software by SysAid " Date: 2020-03-09 Exploit Author: Ahmed Sherif Vendor Homepage: https://www.sysaid.com/free-help-desk-software Software Link: https://www.sysaid.com/free-help-desk-software Version:...
Sysaid 20.1.11 b26 - Remote Command Execution Vulnerability
Exploit for java platform in category web applications Exploit Title: Sysaid 20.1.11 b26 - Remote Command Execution Google Dork: intext:"Help Desk Software by SysAid " Exploit Author: Ahmed Sherif Vendor Homepage: https://www.sysaid.com/free-help-desk-software Software Link:...
Exploit for CVE-2020-1938
cve-2020-1938 1.read file: python3 tomca...
ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution
ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution !/usr/bin/python3 """ ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution Vulnerability Download:...
Alkacon OpenCMS 10.5.x Local File Inclusion
Exploit Title: Alkacon OpenCMS 10.5.x - Multiple LFI in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE :...
CVE-2018-17198
Server-side Request Forgery SSRF and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML-RPC interface and by default that parser supports external entities in XML DOCTYPE, which opens Roller up to SSRF / Fil...
Remote Code Execution (RCE)
catalina is vulnerable to a remote code execution RCE attack. The library allows the replacement of the XML parser used for other web applications, allowing a malicious user to gain access to the applications' web.xml, context.xml or tld files...
Access Control Bypass
Apache Tomcat is vulnerable to access control bypass. Attackers are able to bypass intended access restrictions when Tomcat is started with errors while reading the web.xml file, which results in improper security settings...
Soleo: Directory Traversal + HTTP Paramater Pollution leaking SQL/LDAP credentials
Upon visiting the login page of a provider’s IP Relay client, we noticed that if someone were to click the “forgot password” link, it would bring them to a URL which appeared as the following: https://./IPRelayApp/servlet/IPRelay?page=forgotPassword When attempting to modify the "page" GET...
SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion Vulnerability
Exploit for linux platform in category web applications Title: SAP B2B / B2C CRM 2.x 4.x - Local File Inclusion Application:SAP B2B OR B2C is CRM Versions Affected: SAP B2B OR B2C is CRM 2.x 3.x and 4.x with Bakend R/3 to icssb2b Vendor URL: http://SAP.com Bugs: SAP LFI in B2B OR B2C CRM Sent:...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat
CVE-2017-12615 Usage: CVE-2017-1...
JBOSSAS 5.x/6.x 反序列化命令执行漏洞(CVE-2017-12149)
CVE-2017-12149 It was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization. This allows an attacker to execute arbitrary code via crafted serialized data. Find out more about CVE-2017-12149 from the MITRE CV...
CVE-2017-12149
It was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization. This allows an attacker to execute arbitrary code via crafted serialized data. Mitigation Secure the access to the entire http-invoker contexts by...
Httpoxy Vulnerability Through CGI Servlet
web-core is vulnerable to a remotely exploitable vulnerability aka "httpoxy". The vulnerability exists when CGI Servlet is activated in the configuration by modifying the web.xml. It then allows the execution of a CGI script which may assign client request Proxy header values to internal HTTPPROX...
ok.ru: web.xml configuration file disclosure
Several source files were accessible at .mycdn.me https://st.mycdn.me//WEB-INF/web.xml https://st.mycdn.me/WEB-INF/web.xml https://groupava1.mycdn.me/redirect.jsp https://groupava1.mycdn.me/index.jsp...
File Download Vulnerability in New Windward Technology's Online Learning Test System
New Windward Technology Online Learning Exam System is built based on enterprise-level database platform, the system architecture using a three-tier structure, B/S mode development can be used for online training and examination system. The product exists arbitrary file download vulnerability,...
Sakai 10.7 - Multiple Vulnerabilities
Sakai 10.7 - Multiple Vulnerabilities Sakai 10.7 Multiple Vulnerabilities Vendor: Apereo Foundation Product web page: https://www.sakaiproject.org Affected version: 10.7 Kernel 10.7 Summary: Sakai is a free, community source, educational software platform designed to support teaching, research an...
WSO2 Carbon 4.4.5 - Local File Inclusion
WSO2 Carbon 4.4.5 - Local File Inclusion + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-LOCAL-FILE-INCLUSION.txt + ISR: ApparitionSec Vendor: =============== www.wso2.com Product: ====================...
WSO2 Carbon 4.4.5 - Local File Inclusion
Exploit for jsp platform in category web applications + Credits: John Page aka HYP3RLINX Vendor: =============== www.wso2.com Product: ==================== Ws02Carbon v4.4.5 WSO2 Carbon is the core platform on which WSO2 middleware products are built. It is based on Java OSGi technology, which...