Sophos Web Appliance change_password Admin Password Privilege Escalation (CVE-2014-2849)

A privilege escalation vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to errors in a changepassword request when handling user input. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a changepassword request...

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Web Appliance. Authentication is required to exploit this vulnerability. The specific flaws exist within the changepassword and netinterface functions of the web appliance. The first flaw wi...

BLUE COM Router 5360/52018 - Password Reset Exploit

BlueCom router model 5360/52018 remote password reset exploit. Exploit Title: BLUE COM Router - 5360/52018 Password Reset Exploit Date: 20/1/2013 Exploit Author: KAI kaisai12 Home: CEH.VN Version: BCOM - 5360 vulnerability - change password easy ! no protect ! var loc = 'password.cgi?'; switch id...

CVE-2008-6553

microcms-admin-home.php in Implied by Design Micro CMS Micro-CMS 3.5 aka 0.3.5 does not require authentication as an administrator, which allows remote attackers to 1 create administrative accounts via an addadmin action, 2 remove administrative accounts via a deleteadmin action, and 3 modify...