Lucene search
K

1124 matches found

Exploit DB
Exploit DB
added 2013/12/06 12:0 a.m.173 views

Zimbra 2009-2013 - Local File Inclusion

Exploit Title: Zimbra 0day exploit / Privilegie escalation via LFI Date: 06 Dec 2013 Exploit Author: rubina119 Contact Email : rubina119atgmail.com Vendor Homepage: http://www.zimbra.com/ Version: 2009, 2010, 2011, 2012 and early 2013 versions are afected, Tested on: Centosx, Ubuntu. CVE : No CVE...

7.4AI score
Exploits0
htbridge
htbridge
added 2013/09/25 12:0 a.m.42 views

Remote Code Execution in Microweber

High-Tech Bridge Security Research Lab discovered vulnerability in Microweber, which can be exploited to delete arbitrary files and compromise vulnerable system as a consequence. 1 Improper Access Control in Microweber: CVE-2013-5984 Vulnerability exists due to improper access restriction to...

10CVSS7.3AI score0.02823EPSS
Exploits2Affected Software1
Cvelist
Cvelist
added 2013/08/21 9:0 p.m.24 views

CVE-2013-3029

Cross-site request forgery CSRF vulnerability in the Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert...

6.2AI score0.00979EPSS
Exploits0References3
CVE
CVE
added 2013/08/21 9:0 p.m.62 views

CVE-2013-2976

CVE-2013-2976 : IBM WebSphere Application Server’s Administrative Console caches data in a way that lets local users obtain sensitive information. Affected versions include WAS 6.1, 7.0, and 8.x (including 8.0/8.5). The issue is a local information-disclosure via caching; no exploit vectors are s...

1.9CVSS7.4AI score0.00354EPSS
Exploits0References3Affected Software1
Exploit DB
Exploit DB
added 2012/12/23 12:0 a.m.29 views

Netwin SurgeFTP - Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Netwin SurgeFTP...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/12/20 12:0 a.m.19 views

SurgeFTP Remote Command Execution Vulnerability

This Metasploit module exploits a flaw in the SurgeFTP server's web-based administrative console to execute arbitrary commands. require 'msf/core' class Metasploit3 'SurgeFTP Remote Command Execution', 'Description' = %q This module exploits a flaw in the SurgeFTP server's web-based administrativ...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2012/12/20 12:0 a.m.14 views

NetWin SurgeFTP - (Authenticated) Admin Command Injection (Metasploit)

NetWin SurgeFTP - Authenticated Admin Command Injection Metasploit require 'msf/core' class Metasploit3 'SurgeFTP Remote Command Execution', 'Description' = %q This module exploits a flaw in the SurgeFTP server's web-based administrative console to execute arbitary commands. , 'Author' = 'Spencer...

0.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2012/10/14 12:0 a.m.10 views

Oracle GlassFish Server Administration Console Authentication Bypass (CVE-2011-1511)

An authentication bypass vulnerability has been reported in the administration console of Oracle GlassFish...

6.5AI score0.14646EPSS
Exploits7
NVD
NVD
added 2012/09/25 8:55 p.m.18 views

CVE-2012-3304

The Administrative Console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors...

6.8CVSS6.2AI score0.02066EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2012/08/07 12:0 a.m.32 views

Cyberoam Admin Console Detection

Cyberoam UTM's web admin console is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid61446; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/14"; scriptnameenglish:"Cyberoam Admin Console Detection";...

7.1AI score
Exploits0References1
Exploit DB
Exploit DB
added 2012/06/28 12:0 a.m.106 views

Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/zip' class Metasploit3...

7.5CVSS6.4AI score0.83382EPSS
Exploits5
CVE
CVE
added 2012/06/26 10:0 a.m.61 views

CVE-2012-2380

CVE-2012-2380 affects the Apache Roller project, specifically the admin/editor console. The issue is that HTTP POST interfaces in the Roller admin/editor console were not protected against CSRF, allowing remote attackers to hijack admin/editor authentication. Affected versions include Roller 4.0....

6.8CVSS7.4AI score0.01592EPSS
Exploits0References1Affected Software1
Metasploit
Metasploit
added 2012/06/24 11:35 a.m.80 views

Openfire Admin Console Authentication Bypass

This module exploits an authentication bypass vulnerability in the administration console of Openfire servers. By using this vulnerability it is possible to upload/execute a malicious Openfire plugin on the server and execute arbitrary Java code. This module has been tested against Openfire 3.6.0...

7.5CVSS7.1AI score0.83382EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2012/04/05 12:0 a.m.12 views

at32 Reverse Proxy Detection

The admin console for the at32 Reverse Proxy software was detected on the remote host. at32 Reverse Proxy allows you to host several websites on a single IP or port. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58602; scriptversion"1.5"; scriptcvsdate"Date:...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2011/11/04 12:0 a.m.24 views

IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability

The host is running IBM WebSphere Application Server and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbibmwasadminconsolexssvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability Authors:...

4.3CVSS5.9AI score0.01656EPSS
Exploits0References3
Prion
Prion
added 2011/10/30 7:55 p.m.20 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in ah/admin/interactive/execute aka the Interactive Console in the SDK Console aka Admin Console in the Google App Engine Python SDK before 1.5.4 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrar...

6.8CVSS7.9AI score0.00495EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2011/10/30 7:0 p.m.28 views

CVE-2011-1364

Cross-site request forgery CSRF vulnerability in ah/admin/interactive/execute aka the Interactive Console in the SDK Console aka Admin Console in the Google App Engine Python SDK before 1.5.4 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrar...

7.5AI score0.00495EPSS
Exploits1References4
NVD
NVD
added 2011/10/30 10:55 a.m.22 views

CVE-2009-2748

Cross-site scripting XSS vulnerability in the Administration Console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.29 and 7.1 before 7.0.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01656EPSS
Exploits0References3
securityvulns
securityvulns
added 2011/10/24 12:0 a.m.37 views

Security-Assessment.com Advisory: Destination Search Admin Console Access Control Bypass

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Destination Search Admin Console Access Control Bypass Vendor link: http://www.localmatters.com/ PDF:...

Exploits0
Core Security
Core Security
added 2011/05/11 12:0 a.m.47 views

Oracle GlassFish Server Administration Console Authentication Bypass

Oracle GlassFish Server Administration Console Authentication Bypass 1. Advisory Information Title: Oracle GlassFish Server Administration Console Authentication Bypass Advisory ID: CORE-2010-1118 Advisory URL: Date published: 2011-05-11 Date of last update: 2011-05-11 Vendors contacted: Oracle...

6.4CVSS7.4AI score0.14646EPSS
Exploits7
Rows per page
Query Builder