5295 matches found
XMLBlueprint 16.191112 - XML External Entity Injection
Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-14 Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version: 16.191112 and before Patched Version: unpatched Category:...
CVE-2012-5389
NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service application crash via a crafted HTTP request...
CVE-2012-5389
NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service application crash via a crafted HTTP request...
CVE-2012-5389
The CVE-2012-5389 entry corresponds to a NULL pointer dereference in PowerTCP WebServer for ActiveX (DartWebserver.Dll)
Shell Backdoor List - PHP / ASP Shell Backdoor List
What is a shell backdoor ? A backdoor shell is a malicious piece of code e.g. PHP, Python, Ruby that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the hacker can use it to edit, delete, or download any files on the site, or upload their own. How to...
CVE-2019-13942
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13942
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
Buffer overflow
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13942
The CVE-2019-13942 issue affects Siemens EN100 Ethernet Module variants (DNP3, IEC61850
PT-2019-13483 · Unknown · En100 Ethernet Module Iec 61850 Variant +4
Name of the Vulnerable Software and Affected Versions: EN100 Ethernet module DNP3 variant All versions EN100 Ethernet module IEC 61850 variant All versions V4.37 EN100 Ethernet module IEC104 variant All versions EN100 Ethernet module Modbus TCP variant All versions EN100 Ethernet module PROFINET ...
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
SAP Enable Now Multiple Unspecified Security Vulnerabilities
Description SAP Enable Now is prone to multiple unspecified security vulnerabilities. Limited information is currently available regarding these issues. We will update this BID as more information emerges. SAP Enable Now version 1911 is vulnerable. Technologies Affected SAP Enable Now 1911...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
Design/Logic Flaw
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19460
SALTO ProAccess SPACE 5.4.3.0 is affected by CVE-2019-19458 (Directory Traversal in Data Export) and CVE-2019-19459 (arbitrary file writes and command execution on the server). These flaws allow an attacker to write arbitrary content to arbitrary files, with exploitation demonstrated against the ...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
Alibab WebServer Detection
Checks whether Alibaba WebServer is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the...
Roxen WebServer Detection
Checks whether Roxen WebServer is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GN...
Idea WebServer Detection
Checks whether Idea WebServer is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU...
Jigsaw Webserver Detection
Checks whether Jigsaw is present on the target host and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General...