up.time 7.5.0 Upload / Execute File

up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers from arbitrary command execution. Attackers can...

CVE-2015-4303

Cisco TelePresence Video Communication Server VCS X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter, aka Bug ID CSCuv12333...

up.time 7.5.0 Upload And Execute File Exploit

Exploit for php platform in category web applications up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers...

Cisco TelePresence Video Communication Server Expressway Arbitrary Command Execution Vulnerability

Cisco TelePresence Video Communication Server VCS Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end users using a variety of communication tools. A...

Cisco TelePresence Video Communication Server Expressway Remote Command Injection Vulnerability

Cisco TelePresence Video Communication Server VCS Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end users using a variety of communication tools. A...

up.time 7.5.0 - Upload and Execute

up.time 7.5.0 - Upload and Execute up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers from arbitrary...

Cisco TelePresence Video Communication Server WEB Interface Arbitrary Command Execution Vulnerability

Cisco TelePresence Video Communication Server is a video conferencing solution that integrates h.323 and SIP. The Cisco TelePresence Video Communication Server WEB interface has a security vulnerability that allows remote authenticated users to send special parameter data and execute arbitrary...

up.time 7.5.0 Upload And Execute File Exploit

Summary The next-generation of IT monitoring software. Description up.time suffers from arbitrary command execution. Attackers can exploit this issue using the monitor service feature and adding a command with respected arguments to given binary for execution. In combination with the CSRF,...

up.time 7.5.0 - Upload and Execute

up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers from arbitrary command execution. Attackers can...

Microweber 1.0.3 Shell Upload

Microweber v1.0.3 File Upload Filter Bypass Remote PHP Code Execution Vendor: Microweber Team Product web page: http://www.microweber.com Affected version: 1.0.3 Summary: Microweber is an open source drag and drop PHP/Laravel CMS licensed under Apache License, Version 2.0 which allows you to...

Cross-site Scripting Vulnerability in the Mail System of Hainan YiPost Software Co.

Hainan YiPost Software Co., Ltd. provides related network communication collaboration software integration program. A cross-site scripting vulnerability exists in the mail system of Hainan YiPost Software Co., Ltd. that can be exploited by an attacker to obtain user cookie information and execute...

Cisco ASR Arbitrary Linux Command Execution Vulnerability

The Cisco ASR 5000 and 5500 devices are Cisco's 5000 series of wireless controller products. The boot implementation of the Cisco ASR 5000 and 5500 devices failed to properly read the local file in the COMPACT FLASH, allowing an attacker logged in with administrator privileges to submit special...

Kguard Digital Video Recorder Command Injection Vulnerability

The Kguard Digital Video Recorder DVR is a digital hard disk recorder from Kguard. A command injection vulnerability exists in Kguard Digital Video Recorder. An attacker could use this vulnerability to execute arbitrary commands within the context of an affected application...

Arbitrary Command Execution Vulnerability in Multiple ESET Products

ESET is a world-renowned computer security software company based in Bratislava, Slovakia. An arbitrary command execution vulnerability exists in several ESET products, which allows an attacker to exploit this vulnerability to execute arbitrary commands with root privileges and take full control ...

CVE-2015-4237

CVE-2015-4237 affects Cisco NX-OS on Nexus switches (NX-OS versions listed in the Cisco/NVD entries). The vulnerability is in the CLI parser where improper validation of special characters in filenames allows an authenticated, local attacker to run arbitrary OS commands, enabling local privilege ...

CVE-2015-3716

Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library...

CVE-2015-3716

CVE-2015-3716 affects Apple macOS OS X prior to 10.10.4. The issue is in Spotlight handling of image filenames in the local photo library, allowing a crafted photo file name to trigger arbitrary commands. The root cause is input handling/validation in Spotlight when indexing or processing photo n...

Cisco Wireless LAN Controller devices with software arbitrary OS command execution vulnerability

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. A security vulnerability exists in Cisco WLC devices using version 7.0 240.0 software. A local attacker can...

HP-UX 'pppoec' Access Privilege Vulnerability

HP-UX is a commercial linux operating system. The HP-UX '/usr/bin/pppoec' tool fails to set file access permissions correctly, allowing local users to invoke the tool and execute arbitrary commands with root privileges...

IBM Tivoli Storage Manager FastBack Arbitrary Command Execution Vulnerability (CNVD-2015-04165)

IBM Tivoli Storage Manager FastBack is a suite of software that provides continuous data protection and recovery management capabilities for Microsoft Windows and Linux servers. An arbitrary command execution vulnerability in IBM Tivoli Storage Manager FastBack version 6.1 prior to 6.1.12 allows...