Lucene search
+L

108 matches found

CNVD
CNVD
added 2019/12/11 12:0 a.m.4 views

Siemens SPPA-T3000 Application Server Improper Authentication Vulnerability (CNVD-2019-45416)

SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants.Application Server is the application server in it, which provides the main system services including access control, distribution of data to thin clients and archiving. A...

9.8CVSS6.9AI score0.02028EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.5 views

The vulnerability of the fly-admin-service-se component in the FLY operating system of Astra Linux allows a attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the fly-admin-service-se component in the FLY operating system’s working environment is related to an interpretation error in the DocumentRoot settings of the configuration files for Apache. Additionally, there is a lack of checks for installed mail packages. Exploiting this...

6CVSS5.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.6 views

The vulnerability of the fly-admin-service-se administrative service package for the Astra Linux operating system allows a perpetrator to cause a failure in the printing service.

The vulnerability of the fly-admin-service-se administrative service package for the Astra Linux operating system is related to incorrect configuration of the Common UNIX Printing System CUPS in the Astra Linux Directory ALD. Exploiting this vulnerability could allow a malicious actor to cause...

7.7CVSS5.5AI score
Exploits0References1
CNVD
CNVD
added 2019/03/07 12:0 a.m.1 views

OFCMS Backend File Upload Vulnerability

OFCMS is a content management system based on Java technology. A background file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account the file.jsp::$DATA of the admin/comn/service/upload...

8.8CVSS7.6AI score0.02695EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.59 views

Microsoft Windows: Service: IIS Admin Service

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winiisadminservice.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for IIS Admin Service IISADMIN Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

7.3AI score
Exploits0
Veracode
Veracode
added 2017/06/06 7:3 a.m.17 views

Cross-site Scripting (XSS)

Moodle is vulnerable to cross-site scripting XSS attacks. An authenticated user can inject and execute arbitrary Javascript using the admin/webservice/service.php page through the name field...

3.5CVSS5.6AI score0.01118EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/02/17 2:59 a.m.5 views

CVE-2016-4314

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...

4.9CVSS5.9AI score0.12352EPSS
Exploits7References6
ATTACKERKB
ATTACKERKB
added 2017/02/17 2:59 a.m.2 views

CVE-2016-4314

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...

4.9CVSS5.8AI score0.12352EPSS
Exploits7References7
Prion
Prion
added 2017/02/17 2:59 a.m.20 views

Directory traversal

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...

4CVSS6.7AI score0.12352EPSS
Exploits7References6Affected Software1
Cvelist
Cvelist
added 2017/02/16 6:0 p.m.33 views

CVE-2016-4314

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...

4.8AI score0.12352EPSS
Exploits7References6
CVE
CVE
added 2017/02/16 6:0 p.m.62 views

CVE-2016-4314

CVE-2016-4314 affects WSO2 Carbon 4.4.5. It is a Local File Inclusion vulnerability in the LogViewer Admin Service: an authenticated administrator can read arbitrary files by injecting .. into the logFile parameter of downloadgz-ajaxprocessor.jsp. Multiple references document the issue and an exp...

4.9CVSS4.7AI score0.12352EPSS
Exploits7References6Affected Software1
Node.js
Node.js
added 2015/10/17 7:41 p.m.38 views

API Admin Auth Weakness

Overview Versions of tomato prior to 0.0.6 are affected by a somewhat complex authentication bypass vulnerability in the admin service when only a single access key is configured on the server. The vulnerability allows an attacker to guess the password for the admin service, no matter how complex...

6.8CVSS1AI score0.02464EPSS
Exploits1Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/10/02 12:0 a.m.20 views

Novell GroupWise Admin Service FileUploadServlet Directory Traversal (CVE-2014-0600)

A directory traversal vulnerability exists within the Administration Service of Novell GroupWise 2014. The vulnerability is due to a flaw in handling of a parameter in the FileUploadServlet servlet. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to th...

7.8CVSS2.6AI score0.03081EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.44 views

IBM Cognos tm1admsd.exe Overflow Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/01/08 12:0 a.m.33 views

IBM Cognos tm1admsd.exe Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'IBM Cognos...

10CVSS0.5AI score0.5485EPSS
Exploits8
0day.today
0day.today
added 2013/01/08 12:0 a.m.79 views

IBM Cognos tm1admsd.exe Overflow Vulnerability

This Metasploit module exploits a stack buffer overflow in IBM Cognos Analytic Server Admin service. The vulnerability exists in the tm1admsd.exe component, due to a dangerous copy of user controlled data to the stack, via memcpy, without validating the supplied length and data. The module has be...

7.2AI score0.5485EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2009/10/22 12:0 a.m.129 views

Trapeze Service Shell - Admin Service Accessible

The remote web server is a Trapeze Service Shell, the application server component included with various products from Trapeze Software, Inc., such as their traveller information systems for providing public bus and train route information. The remote Trapeze Service Shell has not been securely...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/04/23 12:0 a.m.46 views

Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities

The remote host is running RedHat or Fedora Directory Server Admin Service. The version of this software installed on the remote host is vulnerable to remote command execution flaw through the argument 'admurl' of the script '/bin/admin/admin/bin/download'. A malicious user could exploit this fla...

9CVSS6.2AI score0.1402EPSS
Exploits1References2
Symantec
Symantec
added 2007/05/08 12:0 a.m.30 views

Microsoft Exchange IMAP Command Processing Remote Denial of Service Vulnerability

Description Microsoft Exchange is prone to a remote denial-of-service vulnerability because it fails to properly handle specially crafted IMAP commands. Successfully exploiting this issue allows remote attackers to cause targeted Exchange servers' mail service to stop responding, thus denying...

0.6AI score
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.16 views

Kerio Winroute Firewall Admin Service

The administrative interface of a personal firewall is listening on the remote port. The remote host appears to be running Kerio Winroute Firewall Admin service. SPDX-FileCopyrightText: 2005 Javier Munoz Mellid Some text descriptions might be excerpted from a referenced sources, and are Copyright...

7AI score
Exploits0
Rows per page
Query Builder