
127 matches found

Packet Storm
added 2019/08/15 12:0 a.m. | 124 views

ManageEngine opManager 12.3.150 Remote Code Execution

#!/usr/bin/env python3 Exploit Title: ManageEngine opManager Authenticated Code Execution Google Dork: N/A Date: 08/13/2019 Exploit Author: @kindredsec Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/network-monitoring/download.html Version: 12.3.150 Test...

0.5 AI score
Exploits: 0
OSV
added 2019/03/30 5:29 p.m. | 1 views

CVE-2019-10658

Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.updatendswebrootfromtmp updatendswebrootfromtmp API call...

8.8 CVSS | 7.6 AI score | 0.0223 EPSS
Exploits: 0 | References: 2
NVD
added 2019/03/21 4:1 p.m. | 18 views

CVE-2019-7385

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U2.0.0140521R4.1.47.002 or below. The values of the newpass and confpass parameters in /bin/WebMGR are used in a syst...

7.8 CVSS | 8 AI score | 0.0475 EPSS
Exploits: 7 | References: 7
CVE
added 2019/03/17 7:7 p.m. | 61 views

CVE-2019-7384

CVE-2019-7384 affects Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON ONTs with firmware

7.8 CVSS | 8 AI score | 0.00351 EPSS
Exploits: 3 | References: 5 | Affected Software: 1
OSV
added 2019/01/13 3:29 p.m. | 0 views

UBUNTU-CVE-2019-6250

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...

8.8 CVSS | 7.6 AI score | 0.15595 EPSS
Exploits: 2 | References: 4
WPVulnDB
added 2018/05/18 12:0 a.m. | 15 views

ProfileGrid – User Profiles, Groups and Communities <= 2.8.5 - Authenticated Code Execution

The plugin ProfileGrid – User Profiles, Groups and Communities versions prior to 2.8.6 is vulnerable to Arbitrary Code Execution. An authenticated user with a role as low as Subscriber can execute arbitrary PHP code on websites using the plugin. PoC Send an authenticated POST request to...

6.5 CVSS | 3 AI score | 0.09583 EPSS
Exploits: 2 | References: 1 | Affected Software: 1
OSV
added 2018/01/10 10:29 p.m. | 3 views

CVE-2018-0007

An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service...

9.8 CVSS | 6 AI score | 0.00435 EPSS
Exploits: 0 | References: 2
seebug.org
added 2017/12/08 12:0 a.m. | 42 views

OV3 Online Administration 3.0 Authenticated Code Execution

Summary With the decision to use the OV3 as a platform for your data management, the course is set for scalable, flexible and high-performance applications. Whether you use the OV3 for your internal data management or use it for commercial business applications such as shops, portals, etc. Thanks...

7.6 AI score
Exploits: 0
seebug.org
added 2017/07/17 12:0 a.m. | 37 views

MetInfo 5.3.17 Authenticated Code Execution Vulnerability(CVE-2017-11347)

MetInfo 5.3.17 Authenticated Code Execution Vulnerability Technical Description: We can use the GPC data to register variables in admin/include/common.inc.php: php foreacharray'COOKIE', 'POST', 'GET' as $request foreach$$request as $key = $value $key0 != '' && $$key = daddslashes$value,0,0,1;...

6.5 CVSS | 9.2 AI score | 0.01391 EPSS
Exploits: 1
Cvelist
added 2017/07/16 11:0 p.m. | 15 views

CVE-2017-11347

Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php...

8.6 AI score | 0.01391 EPSS
Exploits: 1 | References: 1
OSV
added 2017/04/25 6:59 p.m. | 2 views

CVE-2017-1274

IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749...

8.8 CVSS | 6.1 AI score
Exploits: 0 | References: 6
VulnCheck KEV
added 2017/03/20 12:0 a.m. | 0 views

VulnCheck KEV: CVE-2017-1274

IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749...

8.8 CVSS | 7.7 AI score | 0.17768 EPSS
Exploits: 2 | References: 1
ATTACKERKB
added 2015/04/27 12:59 p.m. | 1 views

CVE-2015-2116

Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors...

9 CVSS | 6.2 AI score | 0.0082 EPSS
Exploits: 0 | References: 4
seebug.org
added 2014/07/01 12:0 a.m. | 41 views

Apache Tomcat Manager Application Deployer Authenticated Code Execution

No description provided by source. $Id: tomcatmgrdeploy.rb 11330 2010-12-14 17:26:44Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 33 views

Sun/Oracle GlassFish Server Authenticated Code Execution

No description provided by source. $Id: glassfishdeployer.rb 13485 2011-08-04 17:36:01Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1 AI score
Exploits: 0
securityvulns
added 2013/12/01 12:0 a.m. | 33 views

RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RUCKUS ADVISORY ID 111113-1 Customer release date: Sep 9, 2013 Public release date: Nov 11, 2013 TITLE Authenticated code injection vulnerability in ZoneDirector administrative web interface SUMMARY A vulnerability has been discovered in ZoneDirector...

0.5 AI score
Exploits: 0
Tenable Nessus
added 2013/10/23 12:0 a.m. | 26 views

VMware Studio 2.x < 2.1 Multiple Vulnerabilities

The version of VMware Studio installed on the remote host is 2.x prior to 2.1. It is, therefore, potentially affected by multiple vulnerabilities : - An authenticated code execution vulnerability exists in the Virtual Appliance Management Infrastructure. CVE-2010-2667 - A local privilege escalati...

6 CVSS | 6.1 AI score | 0.01049 EPSS
Exploits: 0 | References: 4
Metasploit
added 2013/10/21 8:11 p.m. | 194 views

Sun/Oracle GlassFish Server Authenticated Code Execution

This module logs in to a GlassFish Server Open Source or Commercial using various methods such as authentication bypass, default credentials, or user-supplied login, and deploys a malicious war file in order to get remote code execution. It has been tested on Glassfish 2.x, 3.0, 4.0 and Sun Java...

10 CVSS | 0.7 AI score | 0.87545 EPSS
Exploits: 6
NVD
added 2013/09/12 6:37 p.m. | 18 views

CVE-2013-5740

Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE)...

6.9 CVSS | 6.5 AI score | 0.0005 EPSS
Exploits: 0 | References: 2
Metasploit
added 2013/01/31 5:23 a.m. | 113 views

Apache Tomcat Manager Application Deployer Authenticated Code Execution

This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is no...

10 CVSS | 7.1 AI score | 0.87831 EPSS
Exploits: 24