Oracle GlassFish Server Remote Vulnerability

Oracle GlassFish Enterprise Server is an open source and open community platform for building and deploying next-generation applications and services. A remote vulnerability exists in Oracle GlassFish Server that allows attackers to exploit the 'HTTP' protocol to compromise the 'Admin Console'...

CVE-2014-9510

Cross-site request forgery CSRF vulnerability in the administration console in TP-Link TL-WR840N V1 router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import...

Visual Mining NetCharts Server Admin Console Arbitrary File Upload (CVE-2014-8516)

An arbitrary file upload vulnerability has been reported in Visual Mining NetCharts Server. The vulnerability exists in the Admin console and is due to insufficient validation of filename during the upload process. A remote attacker can exploit this vulnerability to execute arbitrary code on the...

Visual Mining NetCharts Server Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Visual Mining NetCharts Server Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities in Visual...

Oracle Access Manager (October 2014 CPU)

The version of Oracle Access Manager installed on the remote host is affected by multiple unspecified vulnerabilities in the Admin Console. CVE-2014-6462, CVE-2014-6552, CVE-2014-6553, CVE-2014-6554 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

IBM WebSphere Application Server 7.0 < Fix Pack 35 Multiple Vulnerabilities

The remote host is running a version of IBM WebSphere Application Server 7.0 prior to Fix Pack 35. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that could allow remote code execution or denial of service...

CVE-2014-6552

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console...

CVE-2014-6554

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Admin Console...

CVE-2014-6552

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console...

CVE-2014-6553

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Admin Console...

CVE-2014-6554

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console...

CVE-2014-6554

Oracle Fusion Middleware's Oracle Access Manager Admin Console (11.1.2.1/11.1.2.2) is affected by an unspecified vulnerability (CVE-2014-6554) that could allow remote authenticated users to affect confidentiality and integrity via unknown vectors. The connected sources provide limited technical d...

CVE-2014-6552

Technical details for CVE-2014-6552 are not publicly available in the provided documents; monitor for updates as no affected product/version specifics or exploit information are disclosed here.

CVE-2014-6462

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console...

CVE-2014-6462

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console...

GetSimple CMS 3.3.1 - Cross-Site Scripting

PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1 CVE-2014-1603 by Pedro Ribeiro [email protected] from Agile Information Security Disclosure: 12/05/2014 / Last updated: 12/10/2014 Timeline: 04/11/2013 - Found bugs, produced proof of concept. 05/11/2013 - Communicated to the developer,...