Lucene search
K

105 matches found

0day.today
0day.today
added 2014/12/18 12:0 a.m.46 views

ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling

Exploit for php platform in category web applications Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/12/15 12:0 a.m.47 views

ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling

​Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url: www.resourcespace.org Software: ResourceSpace Digital Asset...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/02 12:0 a.m.28 views

Novell GroupWise 'FileUploadServlet' Arbitrary File Access Vulnerability

The remote Novell GroupWise administration console is affected by an arbitrary file access vulnerability that allows attackers to access and delete arbitrary files on the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

7.8CVSS5.8AI score0.03081EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/11/01 12:0 a.m.891 views

Apache PHP-CGI Remote Code Execution

The PHP installation on the remote web server contains a flaw that could allow a remote attacker to pass command-line arguments as part of a query string to the PHP-CGI program. This could be abused to execute arbitrary code, reveal PHP source code, cause a system crash, etc. %NASLMINLEVEL 70300 ...

9.8CVSS8.7AI score0.99998EPSS
Exploits42References4
Tenable Nessus
Tenable Nessus
added 2013/09/30 12:0 a.m.32 views

Alcatel OmniSwitch Default Credentials (http)

It is possible to log into the remote Alcatel Switch by providing the default credentials. A remote attacker could exploit this to gain administrative control of this installation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/17 12:0 a.m.246 views

Blue Coat ProxyAV Detection

Blue Coat ProxyAV, an anti-malware appliance, was found. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69929; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/14"; scriptnameenglish:"Blue Coat ProxyAV Detection";...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/31 12:0 a.m.65 views

Sybase EAServer XML External Entity (XXE) Arbitrary File Disclosure

The remote Sybase EAServer install is affected by an arbitrary file disclosure vulnerability. It is possible to view any file on the system by utilizing XML external entity injection in specially crafted XML data sent to the REST service on the remote host. Note that hosts that are affected by th...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/11 12:0 a.m.50 views

Cisco Prime Data Center Network Manager Web Detection

The web interface for Cisco Prime Data Center Network Manager DCNM was detected on the remote host. DCNM is used to manage virtualized data centers. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid67246; scriptversion"1.10";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/06/19 12:0 a.m.523 views

Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution

The remote web application appears to use Struts 2, a web framework that utilizes OGNL Object-Graph Navigation Language as an expression language. Due to a flaw in the evaluation of an OGNL expression, a remote, unauthenticated attacker can exploit this issue to execute arbitrary commands on the...

9.3CVSS8.3AI score0.70211EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2013/05/31 12:0 a.m.32 views

Junos Space WebUI Detection

Junos Space is a network management solution used to automate management for Juniper hardware. Junos Space WebUI, the web interface for Junos Space, was detected on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66720; scriptversion"1.4";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/04/26 12:0 a.m.13 views

Puppet Enterprise Console Detection

Puppet Enterprise Console, a web management interface for Puppet Enterprise, was detected on the remote web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66234; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Puppet Enterprise Console...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/04/23 12:0 a.m.18 views

JBoss Web Services Endpoint Enumeration

JBossWS, a framework similar to JAX-WS for making Java EE web services, is listening on the remote host and lists its registered endpoints. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid66189; scriptversion"1.3";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/04/12 12:0 a.m.25 views

Citrix Access Gateway User Web Interface Detection

The remote web server hosts the web interface for using Citrix Access Gateway, an SSL VPN appliance. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65951; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/22";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/04/02 12:0 a.m.11 views

Gallery Detection

The remote host is running Gallery, an open source photo album application written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65766; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01"; scriptnameenglish:"Gallery...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/04/02 12:0 a.m.22 views

Cerb Detection

The remote web server hosts Cerb, a web-based business collaboration and automation tool. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65983; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01"; scriptnameenglish:"Cerb...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/03/29 12:0 a.m.13 views

McAfee Vulnerability Manager Detect

McAfee Vulnerability Manager, a web-based vulnerability manager, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65737; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/22"; scriptxrefname:"IAVT"...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/11/21 12:0 a.m.29 views

NetIQ Privileged User Manager Default Admin Password

Nessus was able to login to the NetIQ Privileged User Manager install running on the remote host using default, known credentials for the 'admin' user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid62990;...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/09/06 12:0 a.m.19 views

EMail Security Virtual Appliance Detection

EMail Security Virtual Appliance, an email filtering and security application, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid61995; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"EMail Security Virtual...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/08/20 12:0 a.m.351 views

Scrutinizer Default Credentials Check

The Scrutinizer install on the remote host is using default credentials for the 'admin' user. Using these credentials, it is possible to login and gain access to the back end administrative interface. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/04/10 12:0 a.m.37 views

Lenovo ThinkManagement Console Detection

Lenovo ThinkManagement Console, a web-based API for Lenovo ThinkManagement, was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58653; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"Lenovo ThinkManagement Console...

5.4AI score
Exploits0References1
Rows per page
Query Builder