EUVD-2019-17681
Malware in sbrugna...
EUVD-2019-17680
Malware in sbrugna...
Gemalto Admin Control Center Information Disclosure Vulnerability
Gemalto Admin Control Center is a set of Web-based Sentinel user tools from Gemalto. The product is mainly used to query and manage hardware and software Sentinel license keys. An information disclosure vulnerability exists in Gemalto Admin Control Center version 7.92. The vulnerability arises fr...
CVE-2019-8282
Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows an attacker to perform a man-in-the-middle (MITM) attack and replace the original language pack with a malicious one...
CVE-2019-8282
Gemalto Admin Control Center (all versions prior to 7.92) communicates language packs over cleartext HTTP to www3.safenet-inc.com. This creates a MITM risk that could replace legitimate language packs with malicious ones. Affected component: the Admin Control Center client/server communication fo...
CVE-2019-8283
The Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have the 'HttpOnly' flag. This allows malicious JavaScript to steal it...
CVE-2019-8283
Gemalto Admin Control Center (Hasplm cookie) is affected in versions prior to 7.92 due to the absence of the HttpOnly flag on the Hasplm cookie. This design flaw can allow malicious JavaScript to access the cookie, enabling potential information disclosure. The vulnerability affects the Hasplm co...
CVE-2018-8900
The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability...
Cross site scripting
The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability...
CVE-2018-8900
CVE-2018-8900 affects Gemalto HASP SRM, Sentinel HASP, and Sentinel LDK licenses. The License Manager service (ACC) is vulnerable to cross-site scripting (XSS) in the logs page. Affected versions are listed variably across sources: CNVD cites 2.10–7.66; NVD notes all versions prior to Sentinel LD...
CVE-2017-11498
Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files...
IceBB <= 1.0-RC9.2 Blind SQL Injection / Session Hijacking Exploit
No description provided by source. Author: GiReX 26/07/08 Homepage: girex.altervista.org CMS: IceBB = 1.0-RC9.2 Site: icebb.net Bug: Blind SQL Injection Exploit: Session Hijacking PoC Works regardless of php.ini settings Description: IceBB is a powerful, fast, free, and open-source forum solution...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 ...
CVE-2011-3339
The CVE-2011-3339 entry describes an XSS vulnerability in the Admin Control Center of SafeNet Sentinel HASP/SRM, affecting HASP Run-time Environment 5.95 and earlier, with installers before 6.x and SDKs before 5.11. The issue arises from inadequate input validation in the web application, which c...
IceBB 1.0-rc5 - Remote Code Execution
!/usr/bin/perl IceBB 1.0-rc5 Remote Code Execution Exploit 1. register a user 2. run this exploit with this usage : $perl xpl.pl host&path uname pass 3. login with admin access : Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use LWP::UserAgent; use HTTP::Cookies; $port = "80"; $host =...
IceBB 1.0-rc5 - Remote Create Admin
IceBB 1.0-rc5 - Remote Create Admin !/usr/bin/perl IceBB 1.0-rc5 Remote Create Admin Exploit 1. register a user 2. run this exploit with this usage : $perl xpl.pl host&path uname pass 3. login with admin access : - magicquotesgpc = Off Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use...