108 matches found
SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
Exploit Title: SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Date: 2020-07-15 Vendor Homepage: https://www.supermicro.com/ Version: X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 CVE: CVE-2020-15046 Source:...
CVE-2019-20842
Mattermost Server vulnerability CVE-2019-20842 affects Mattermost Server versions prior to 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. Description: there is an SQL injection vulnerability exploitable by admins through the SearchAllChannels feature. Impact is described in sources as an admin-level ...
CVE-2019-3747
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users...
CVE-2019-11622
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. A remote background administrator privilege user or a user with permission to manage modulecategory could exploit the vulnerability to obtain database sensitive information via...
BEWARD N100 H.264 VGA IP Camera M2.1.6 Cross Site Request Forgery
BEWARD N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Exploit Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks,...
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
Exploit for linux platform in category web applications Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and...
SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit
Exploit for windows platform in category web applications SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with w...
FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)
Vulnerability: Add Admin Exploit Add/Edit/Delete/ Category, Admin Vs... Google Dork: FMyLife Clone Script Date:10.01.2017 Vendor Homepage: http://alstrasoft.com/fmylife-pro.htm Script Name: FMyLife Clone Script Pro Edition Script Version: 1.1 Script Buy Now:...
Stored Cross-Site Scripting Vulnerability in Dream Cms
Dream cms, abbreviated as "lmxcms", is an open source website management system cms with no license restrictions. Dream CMS version 1.4 management background can be triggered by the administrator to reply to the message board to store the type of cross-site script , allowing attackers to exploit...
NUUO 3.0.8 Add Admin Cross Site Request Forgery
i? input type="hidden" name="add...
IonizeCMS 1.0.8 - Cross-Site Request Forgery (Add Admin)
IonizeCMS 1.0.8 - Cross-Site Request Forgery Add Admin document.forms0.submit;...
up.time 7.5.0 Cross Site Request Forgery / Cross Site Scripting
up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application allows users to perform certain actions via HTTP...
up.time 7.5.0 XSS And CSRF Add Admin Exploit
Exploit for php platform in category web applications up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application...
X7CHAT 1.3.6b - Add Admin Exploit
No description provided by source. + Author : d4rk-h4ck3r + Email : [email protected] + Site : www.vbspiders.com/vb + Team : Tunisian Security TeaM + Dork : powered by x7 chat 1.3.6b Exploit-DB Notes Vendor has already addressed this issue and even provided a solution in Docs/INSTALL.txt: After finishing...
TR Forum 1.5 insert admin CSRF Vulnerability
No description provided by source...
Belkin G Wireless Router F5D7234-4 v5 Exploit
No description provided by source. +-----------------------------------------+ | Belkin G Wireless Router Admin Exploit. | +-----------------------------------------+ Firmware Version : 5.00.12 Sep 10 2009 19:54:12 Boot Version : 1.18 Hardware : F5D7234-4 v5 01 Author : Aodrulez. Email :...
OSClass 3.0.2 CSRF/FPD Vulnerabilities
---- 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Subrion CMS 2.2.1 CSRF Add Admin Exploit
Summary Subrion is a free open source content management system. It's written in PHP 5 and utilizes MySQL database. Subrion CMS can be easily integrated into your current website or used as a stand alone platform. It's extremely flexible and scalable php system that stands for a content managemen...
Belkin G Wireless Router F5D7234-4 v5 Exploit
Exploit for hardware platform in category web applications +-----------------------------------------+ | Belkin G Wireless Router Admin Exploit. | +-----------------------------------------+ Firmware Version : 5.00.12 Sep 10 2009 19:54:12 Boot Version : 1.18 Hardware : F5D7234-4 v5 01 Author :...
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed +-----------------------------------------+ | Belkin G Wireless Router Admin Exploit. | +-----------------------------------------+ Firmware Version : 5.00.12 Sep 10 2009 19:54:12 Boot Version : 1.18 Hardware : F5D7234-4 v5 01 Author :...