OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution

OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution Exploit Title: OpenDreamBox 2.0.0 - Plugin WebAdmin RCE Shodan Dork: "DreamBox" 200 ok" Date: 07/03/17 Exploit Author: Jonatas Fil Vendor Homepage: https://www.dreamboxupdate.com Software Link:...

OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution

Exploit Title: OpenDreamBox 2.0.0 - Plugin WebAdmin RCE Shodan Dork: "DreamBox" 200 ok" Date: 07/03/17 Exploit Author: Jonatas Fil Vendor Homepage: https://www.dreamboxupdate.com Software Link: https://www.dreamboxupdate.com/opendreambox/2.0.0 Version: 2.0.0 Vulnerabilty: Remote Command Execution...

Alt-N MDaemon Remote Administration 13.0.x < 13.0.8 RCE (MD041917) (EASYBEE)

According to its self-reported version number, the MDaemon Remote Administration formerly WebAdmin application running on the remote web server is affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request or payload, t...

Alt-N MDaemon WebAdmin Unsupported Version Detection

According to its self-reported version number, the installation of MDaemon WebAdmin running on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities...

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

Design/Logic Flaw

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

CVE-2016-6338

The CVE-2016-6338 issue affects ovirt-engine-webadmin (used by Red Hat Enterprise Virtualization Manager, RHEV-M, and RHEV-M 4.0). Root cause: webadmin session timeouts not properly enforced, enabling bypass via UI-driven actions that trigger repeating queries. Impact: potential session hijack/by...

CVE-2016-6080

The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker...

Directory traversal

The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker...

CVE-2016-6080

CVE-2016-6080 affects WebSphere Message Broker (WebAdmin) on WebSphere Message Broker v8. The vulnerability allows directory listings via the WebAdmin context, potentially disclosing sensitive information. IBM’s security bulletin confirms the issue and provides a remediation: apply APAR IT16698 i...

CVE-2016-6080

The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker...

IBM WebSphere Message Broker Information Disclosure Vulnerability (CNVD-2016-11964)

IBM WebSphere Message Broker now known as IBM Integration Bus is an enterprise service bus ESB product from IBM, USA. The product provides connectivity and common data transformations for Service Oriented Architecture SOA environments and non-SOA environments. A security vulnerability exists in...

GE Healthcare Centricity Image Vault Trust Management Vulnerability

GE Healthcare Centricity Image Vault is a library of Vivid cardiovascular ultrasound images from General Electric GE for the healthcare industry. A security vulnerability exists in GE Healthcare Centricity Image Vault version 3.x, which stems from the use of 'gemnet' as password for the...

CodeMeter < 5.20 Local Privilege Escalation Vulnerability

According to its self-reported version, the CodeMeter WebAdmin server installed on the remote host is prior to 5.20a 5.20.1458.500. It is affected by insecure read/write permissions for the 'codemeter.exe' service, which a local attacker can exploit to gain elevated privileges via a trojan horse...

AltN WebAdmin USER Buffer Overflow - Ver2 (CVE-2003-0471)

A buffer overflow vulnerability has been reported in Alt-N Webadmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

Netsweeper WebAdmin Portal Multiple Vulnerabilities

No description provided by source...

Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure

No description provided by source. Vuln Title: Atmail WebAdmin and webmail Control Panel Remote Access SQL Root password Vulnerability Author: FaryadR a.k.a Ciph3r tested on : Atmail Email Server 6.20.8 Twitter : https://twitter.com/faryadR Mail : [email protected] Website :...

HP LaserJet Pro P1606dn - Webadmin Password Reset

No description provided by source. !/usr/bin/python Exploit Title: HP LaserJet Pro P1606dn Webadmin password reset Date: 20.05.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage: http://www8.hp.com/de/de/products/printers/product-detail.html?oid=4110411 Firmware...