559 matches found
Authentication flaw
Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php...
CVE-2014-9611
CVE-2014-9611 affects Netsweeper prior to 4.0.5. An unauthenticated remote attacker can bypass authentication via the request to webadmin/nslam/index.php and can create arbitrary user accounts and policies. This is evidenced by the CNVD-2017-30727 entry and the corroborating exploit references no...
CVE-2017-14135
enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI...
CVE-2017-14135
enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI...
CVE-2017-14135
Summary: CVE-2017-14135 affects OpenDreambox 2.0.0, specifically the webadmin plugin’s Script.py in enigma2-plugins. The vulnerability allows remote code execution via shell metacharacters in the command parameter to the /script URI, enabling an attacker to run arbitrary OS commands on the target...
CodeMeter 6.50 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13754 CVE-ID: ======= CVE-2017-13754 Current Estimat...
CodeMeter 6.50 - Cross-Site Scripting
CodeMeter 6.50 - Cross-Site Scripting Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements:...
Wibu Systems AG CodeMeter 6.50 Cross Site Scripting
Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/...
CodeMeter 6.50 - Cross-Site Scripting
Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/...
Wibu Systems CodeMeter v6.50 - (UI) XSS Web Vulnerability
Document Title: =============== Wibu Systems CodeMeter v6.50 - UI XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/ Sources:...
Wibu Systems CodeMeter v6.50 - (UI) XSS Web Vulnerability
Document Title: =============== Wibu Systems CodeMeter v6.50 - UI XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/ Sources:...
webadmin.avento.no XSS vulnerability
Vulnerable URL: https://webadmin.avento.no/4/logout.asp?error=timeout=xss%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications Exploit Title: OpenDreamBox 2.0.0 - Plugin WebAdmin RCE Shodan Dork: "DreamBox" 200 ok" Date: 07/03/17 Exploit Author: Jonatas Fil Vendor Homepage: https://www.dreamboxupdate.com Software Link:...
OpenDreamBox 2.0.0 Remote Code Execution
Exploit Title: OpenDreamBox 2.0.0 - Plugin WebAdmin RCE Shodan Dork: "DreamBox" 200 ok" Date: 07/03/17 Exploit Author: Jonatas Fil Vendor Homepage: https://www.dreamboxupdate.com Software Link: https://www.dreamboxupdate.com/opendreambox/2.0.0 Version: 2.0.0 Vulnerabilty: Remote Command Execution...
OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution
OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution Exploit Title: OpenDreamBox 2.0.0 - Plugin WebAdmin RCE Shodan Dork: "DreamBox" 200 ok" Date: 07/03/17 Exploit Author: Jonatas Fil Vendor Homepage: https://www.dreamboxupdate.com Software Link:...
OpenDreamBox 2.0.0 Plugin WebAdmin - Remote Code Execution
Exploit Title: OpenDreamBox 2.0.0 - Plugin WebAdmin RCE Shodan Dork: "DreamBox" 200 ok" Date: 07/03/17 Exploit Author: Jonatas Fil Vendor Homepage: https://www.dreamboxupdate.com Software Link: https://www.dreamboxupdate.com/opendreambox/2.0.0 Version: 2.0.0 Vulnerabilty: Remote Command Execution...
Alt-N MDaemon WebAdmin Unsupported Version Detection
According to its self-reported version number, the installation of MDaemon WebAdmin running on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities...
Alt-N MDaemon Remote Administration 13.0.x < 13.0.8 RCE (MD041917) (EASYBEE)
According to its self-reported version number, the MDaemon Remote Administration formerly WebAdmin application running on the remote web server is affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request or payload, t...
CVE-2016-6338
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...
CVE-2016-6338
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...