Lucene search
K

28 matches found

Akamai Blog
Akamai Blog
added 2021/03/24 2:0 p.m.977 views

Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks

The past month has been a very dynamic time in the world of security for hackers and threat researchers, but it has been an extended nightmare for CSOs responsible for securing their enterprise networks. For starters, on-premise Microsoft Exchange servers were attacked in droves after a set of...

7.5CVSS0.1AI score0.99999EPSS
Exploits64
Exploit DB
Exploit DB
added 2019/09/19 12:0 a.m.271 views

GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting

Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting Author: Cakes Discovery Date: 2019-09-19 Vendor Homepage: https://goautodial.org/ Software Link: https://downloads2.goautodial.org/centos/7/isos/x8664/GOautodial-4-x8664-Pre-Release-20180929-0618.iso Tested Version: 4.0...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/02/14 12:0 a.m.19 views

eTouch Samepage 4.4.0.0.239 SQL Injection / File Read Vulnerabilities

Exploit for php platform in category web applications Couldn’t find anyone to contact regarding this, so dropping it. eTouch SamePage v4.4.0.0.239 multiple vulnerabilities http://www.etouch.net/products/samepage/index.html Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Blue Coat Reporter 7.0/7.1 - Remote Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13723/info Blue Coat Reporter is prone to a remote privilege escalation vulnerability. This issue is due to a failure in the application to properly authenticate a user prior to permitting access to administrator function...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/11/09 12:0 a.m.92 views

Symantec Altiris DS SQL Injection Vulnerability

Usage Info This module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injection...

7.9AI score0.32678EPSS
Exploits9
Metasploit
Metasploit
added 2013/11/07 11:34 p.m.73 views

Symantec Altiris DS SQL Injection

This module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injections are...

7.5CVSS7.9AI score0.32678EPSS
Exploits9
Cvelist
Cvelist
added 2008/05/20 10:0 a.m.12 views

CVE-2008-2347

MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php...

7.1AI score0.02561EPSS
Exploits1References3
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.28 views

windows.weak.passwds.txt

Secure Storage of Secrets in Windows Aleph One [email protected] Mon, 17 May 1999 14:57:31 -0700 Not long ago we discussed why you still see messages that describe yet another application that stores passwords in an insecure manner, in particular under Windows. The bottom line was that there...

7.4AI score
Exploits0
Rows per page
Query Builder