Sysax 5.62 Admin Interface Local Buffer Overflow

!/usr/bin/python Title: Sysax " not in fullpage: page = r.recv4096 fullpage += page time.sleep1 regex the sid from the page global sid sid = re.searchr'sid=a-zA-Z0-940',fullpag...

Sysax <= 5.62 Admin Interface Local Buffer Overflow

Exploit for windows platform in category local exploits !/usr/bin/python Title: Sysax = 5.62 Admin Interface Local Buffer Overflow Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Date Discovered: June 15, 2012 Vendor Contacted: June 19, 2012 Details:...

RuggedCom RuggedOS Web-Based Admin Interface Default Credentials

Binary data scadaruggedosdefaultaccountshttp.nbin...

Cobbler Admin Interface Detection

A web-based administration interface for Cobbler, a Linux installation server, was detected on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid59400; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"Cobbler Admin Interface...

Pritlog v0.821 CMS - Multiple Web Vulnerabilities

Title: ====== Pritlog v0.821 CMS - Multiple Web Vulnerabilities Date: ===== 2012-04-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=534 VL-ID: ===== 534 Introduction: ============= PRITLOG is an extremely simple, small 500K uncompressed and powerful blog system. It...

admin/osuser2atluser.jsp lacks an XSRF token to perform user transfer operations

e.g. http://localhost:8090/admin/osuser2atluser.jsp?migrate=start&transferGroupMembership=true and http://localhost:8090/admin/osuser2atluser.jsp?migrate=start When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF...

admin/osuser2atluser.jsp lacks an XSRF token to perform user transfer operations

e.g. http://localhost:8090/admin/osuser2atluser.jsp?migrate=start&transferGroupMembership=true and http://localhost:8090/admin/osuser2atluser.jsp?migrate=start When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF...

Multiple vulnerabilities in OSClass

Advisory ID: CSA-12003 Title: Multiple vulnerabilities in OSClass Product: OSClass Version: 2.3.4 and probably prior Vendor: osclass.org Vulnerability type: SQL injection, XSS, Remote file inclusion Vendor notification: 2012-01-12 Public disclosure: 2012-01-27 OSClass version 2.3.4 and probably...

CVE-2011-5078

The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD 3 and 7.0 before ESD 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP...

CVE-2012-1034

Multiple cross-site scripting XSS vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1034

EPiServer CMS admin interface prior to 6R2 contains XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via unspecified vectors. Affects EPiServer CMS through 6R2; CVSS v2 base score 4.3 (Medium). Remediation referenced in public hotfix materials (CMS 6-R2 hotfix); exp...

JON: Multiple XSS flaws

Multiple cross-site scripting XSS vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network aka JON or JBoss ON before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Owl Intranet Engine 1.00 Authentication Bypass

Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...

Splunk - Remote Command Execution

from sec1httplib.requestbuilder import Requestobj from sec1httplib.threaddispatcher import import threading import re import urlparse import sys import urllib import base64 from optparse import OptionParser import sys """ Source: http://www.sec-1.com/blog/?p=233 Splunk remote root exploit. Author...

Filmis 0.2 Cross Site Request Forgery / Cross Site Scripting

========================================= Filmis - Version 0.2 Mullti Vulnerability ========================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 . .--. .--. .---. . 1 1 .'| / | 0 0 | --: --: / .-.| .-. . . 1 1 | / | | | 0 0 '---' --' --' ' -'--'---| 1 1 ; 0 ...

Phorum 5.2.18 Cross-site scripting vulnerability

Advisory: Phorum 5.2.18 Cross-site scripting vulnerability Advisory ID: SSCHADV2011-023 Author: Stefan Schurtz Affected Software: Successfully tested on Phorum 5.2.18 Vendor URL: http://www.phorum.org/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description:...

SonicWall NSA 4500 Cross Site Scripting / Session Hijacking

While pentesting a a WIFI network on a customer, we found some vulnerabilities in the SonicWall NSA 4500. You can find details here: http://www.pentest.es/vulnssonicpoint.txt -------------------------------------------------- Title: ====== SonicWall products with incompatible MAC spoofing...

MyAuth 3 Blind SQL Injection

Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdotorg | @marcioalm Version: 3.0 Tested on: Linux EDB-Note: apparently no true exploit is needed to dump system pwd...

Honeywall admin interface arbitrary file read vulnerability-vulnerability warning-the black bar safety net

Publishing author: cnyouker Vulnerability type: arbitrary file traversal/download Vulnerability description: Honeywall admin interface arbitrary file read vulnerability Detailed description: admin/docs.pl for the POST of the file check is not strict. Can construct their own post package to read...