108 matches found
Siemens SPPA-T3000 Application Server Improper Authentication Vulnerability (CNVD-2019-45416)
SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants.Application Server is the application server in it, which provides the main system services including access control, distribution of data to thin clients and archiving. A...
The vulnerability of the fly-admin-service-se component in the FLY operating system of Astra Linux allows a attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures.
The vulnerability of the fly-admin-service-se component in the FLY operating system’s working environment is related to an interpretation error in the DocumentRoot settings of the configuration files for Apache. Additionally, there is a lack of checks for installed mail packages. Exploiting this...
The vulnerability of the fly-admin-service-se administrative service package for the Astra Linux operating system allows a perpetrator to cause a failure in the printing service.
The vulnerability of the fly-admin-service-se administrative service package for the Astra Linux operating system is related to incorrect configuration of the Common UNIX Printing System CUPS in the Astra Linux Directory ALD. Exploiting this vulnerability could allow a malicious actor to cause...
OFCMS Backend File Upload Vulnerability
OFCMS is a content management system based on Java technology. A background file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account the file.jsp::$DATA of the admin/comn/service/upload...
Microsoft Windows: Service: IIS Admin Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winiisadminservice.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for IIS Admin Service IISADMIN Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Cross-site Scripting (XSS)
Moodle is vulnerable to cross-site scripting XSS attacks. An authenticated user can inject and execute arbitrary Javascript using the admin/webservice/service.php page through the name field...
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
Directory traversal
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
CVE-2016-4314 affects WSO2 Carbon 4.4.5. It is a Local File Inclusion vulnerability in the LogViewer Admin Service: an authenticated administrator can read arbitrary files by injecting .. into the logFile parameter of downloadgz-ajaxprocessor.jsp. Multiple references document the issue and an exp...
API Admin Auth Weakness
Overview Versions of tomato prior to 0.0.6 are affected by a somewhat complex authentication bypass vulnerability in the admin service when only a single access key is configured on the server. The vulnerability allows an attacker to guess the password for the admin service, no matter how complex...
Novell GroupWise Admin Service FileUploadServlet Directory Traversal (CVE-2014-0600)
A directory traversal vulnerability exists within the Administration Service of Novell GroupWise 2014. The vulnerability is due to a flaw in handling of a parameter in the FileUploadServlet servlet. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to th...
IBM Cognos tm1admsd.exe Overflow Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
IBM Cognos tm1admsd.exe Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'IBM Cognos...
IBM Cognos tm1admsd.exe Overflow Vulnerability
This Metasploit module exploits a stack buffer overflow in IBM Cognos Analytic Server Admin service. The vulnerability exists in the tm1admsd.exe component, due to a dangerous copy of user controlled data to the stack, via memcpy, without validating the supplied length and data. The module has be...
Trapeze Service Shell - Admin Service Accessible
The remote web server is a Trapeze Service Shell, the application server component included with various products from Trapeze Software, Inc., such as their traveller information systems for providing public bus and train route information. The remote Trapeze Service Shell has not been securely...
Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities
The remote host is running RedHat or Fedora Directory Server Admin Service. The version of this software installed on the remote host is vulnerable to remote command execution flaw through the argument 'admurl' of the script '/bin/admin/admin/bin/download'. A malicious user could exploit this fla...
Microsoft Exchange IMAP Command Processing Remote Denial of Service Vulnerability
Description Microsoft Exchange is prone to a remote denial-of-service vulnerability because it fails to properly handle specially crafted IMAP commands. Successfully exploiting this issue allows remote attackers to cause targeted Exchange servers' mail service to stop responding, thus denying...
Kerio Winroute Firewall Admin Service
The administrative interface of a personal firewall is listening on the remote port. The remote host appears to be running Kerio Winroute Firewall Admin service. SPDX-FileCopyrightText: 2005 Javier Munoz Mellid Some text descriptions might be excerpted from a referenced sources, and are Copyright...