Barracuda Spam And Virus Firewall 5.1.3.007 Remote Root
Exploit Title: Barracuda Spam & Virus Firewall Post Auth Remote Root Exploit Date: 07/21/16 Exploit Author: xort Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/landing/pages/spamfirewall/ Version: Spam and Virus Firewall 'Barracuda Spam...
[SECURITY] Fedora 22 Update: glpi-0.90.3-1.fc22
GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...
[SECURITY] Fedora 24 Update: glpi-0.90.3-1.fc24
GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...
CVE-2016-1325
The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506...
Apache Solr webapp/web/js/scripts/schema-browser.js cross-site scripting vulnerability
Apache Solr is an enterprise-ready, Lucene-based search server. A cross-site scripting vulnerability exists in webapp/web/js/scripts/schema-browser.js in the Admin UI of Apache Solr versions prior to 5.3. A remote attacker can inject arbitrary web script or HTML via a constructed schema-browse UR...
Netgear WNR1000v4 - Authentication Bypass
''' Exploit Title: NetgearWNR1000v4AuthBypass Google Dork: - Date: 06.10.2015 Exploit Author: Daniel Haake Vendor Homepage: http://www.netgear.com/ Software Link: http://downloadcenter.netgear.com/en/product/WNR1000v4 Version: N300 router firmware versions 1.1.0.24 - 1.1.0.31 Tested on: Can be...
CVE-2015-7283
The web administration interface on ZyXEL NBG-418N devices with firmware 1.00AADZ.3C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
CVE-2015-7277
The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
Default credentials
The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
CVE-2015-7277
Amped Wireless R10000 router (firmware 2.5.2.11) is affected by CVE-2015-7277 due to use of default admin credentials (admin:admin). A LAN-attacker can gain administrative privileges via the web management interface, enabling full control of the device. Root cause: default credentials configured ...
CVE-2015-7280
The CVE-2015-7280 entry affects ReadyNet WRT300N-DD devices (firmware 1.0.26). The vulnerability arises from default credentials (admin/admin) on the web administration interface, enabling a LAN‑based attacker to obtain administrative privileges. Impact is compatible with a high/severe rating (NV...
Debian: Security Advisory (DSA-3391-1)
The remote host is missing an update for the Debian...
Wordpress EZ Google Analytics Plugin 4.1.6 - Persistent XSS Vulnerability
Exploit for php platform in category web applications Title : Wordpress Plugin : EZ Google Analytics 4.1.6 - Persistent XSS vulnerability Author : ZwX Date : 15/02/2015 Download : https://downloads.wordpress.org/plugin/ez-google-analytics.4.1.06.zip Vendor : http://wordpress.ieonly.com Tested on...
Netgear Router Vulnerabilities Public Exploits
A vulnerability in Netgear routers, already disclosed by two sets of researchers at different security companies, has been publicly exploited. Netgear, meanwhile, has yet to release patched firmware, despite apparently having built one and confirmed with one of the companies that privately...
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Exploit Title: GLPI 0.85.5 RCE through file upload filter bypass Date: September 7th, 2015 Exploit Author: Raffaele Forte Vendor Homepage: http://www.glpi-project.org/ Software Link: https://forge.glpi-project.org/attachments/download/2093/glpi-0.85.5.tar.gz Version: GLPI 0.85.5 Tested on: CentOS...
Barracuda Web Filter <= 5.0.0.012 Remote Command Execution
The remote Barracuda Web Filter device is running a firmware version at or prior to 5.0.0.012. It is, therefore, affected by a remote command execution vulnerability in the web administration interface. An authenticated, remote attacker can exploit this, via a specially crafted request to...
CVE-2015-6754
Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
Hardcoded credentials
Actiontec GT784WN modems with firmware before NCS01-1.0.13 have hardcoded credentials, which makes it easier for remote attackers to obtain root access by connecting to the web administration interface...