211 matches found
CVE-2017-9362
ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API...
Design/Logic Flaw
ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API...
CVE-2017-9362
CVE-2017-9362 affects ManageEngine ServiceDesk Plus prior to version 9312, where an XML injection vulnerability exists in the CMDB API’s add Configuration items endpoint. The issue allows crafted XML data to be processed by the application, potentially impacting confidentiality, integrity, and av...
CVE-2017-9362
ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API...
i-doit CMDB SQL Injection Vulnerability
i-doit is a CMDB (Configuration Management Database) based on ITIL technology. An SQL injection vulnerability exists in i-doit CMDB. An attacker can exploit the vulnerability to obtain sensitive database information...
i-doit CMDB 1.12 SQL Injection
Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...
i-doit CMDB Detection
Detection of i-doit CMDB. The script sends a connection request to the server and attempts to detect i-doit CMDB and to extract its version. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...
i-doit CMDB <= 1.12 Arbitrary File Download Vulnerability
i-doit CMDB is prone to an authenticated arbitrary file download vulnerability. Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program...
i-doit CMDB 1.12 - SQL Injection
i-doit CMDB 1.12 - SQL Injection Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12...
i-doit CMDB 1.12 - Arbitrary File Download
i-doit CMDB 1.12 - Arbitrary File Download Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip...
i-doit CMDB 1.12 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.12 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category:...
i-doit CMDB 1.12 Arbitrary File Download
Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...
i-doit CMDB 1.12 - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12...
i-doit CMDB 1.12 - Arbitrary File Download
Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...
i-doit CMDB 1.12 - SQL Injection
Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...
ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.2 <=0.1.6), cn.aghost:nacos-address (>=1.2.1.aghost-fix.20201109 <=1.2.1.aghost-fix.20210122) +408 more potentially affected by CVE-2018-15801 via org.springframework.security:spring-security-core (>=5.1.0.RELEASE <=5.1.1.RELEASE)
org.springframework.security:spring-security-core MAVEN version =5.1.0.RELEASE, =0.1.2, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109,...
i-doit CMDB 1.11.2 - Remote Code Execution
i-doit CMDB 1.11.2 - Remote Code Execution Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Versio...
i-doit CMDB 1.11.2 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version:...
i-doit CMDB 1.11.2 Remote Code Execution
Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version: v1.11.2 Category: Webapps Tested on: XAM...
Asset Inventory for Network Perimeter: from Declarations to Active Scanning
In the previous post, I shared some of my thoughts about a good Asset Inventory system. Of course, for me as a Security Specialist, it would be great if IT would provide such a magical system. But such an ideal situation is rarely possible. So now let's see how to build an Asset Inventory system...