Lucene search
K

211 matches found

OSV
OSV
added 2019/03/25 4:29 p.m.4 views

CVE-2017-9362

ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API...

8.8CVSS5.8AI score0.04172EPSS
Exploits1References1
Prion
Prion
added 2019/03/25 4:29 p.m.15 views

Design/Logic Flaw

ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API...

6.5CVSS7.5AI score0.04172EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/03/25 3:54 p.m.47 views

CVE-2017-9362

CVE-2017-9362 affects ManageEngine ServiceDesk Plus prior to version 9312, where an XML injection vulnerability exists in the CMDB API’s add Configuration items endpoint. The issue allows crafted XML data to be processed by the application, potentially impacting confidentiality, integrity, and av...

8.8CVSS8.8AI score0.04172EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/03/25 3:54 p.m.20 views

CVE-2017-9362

ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API...

8.9AI score0.04172EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/17 12:0 a.m.1 views

i-doit CMDB SQL Injection Vulnerability

i-doIT is a CMDB Configuration Management Database based on ITIL technology. An SQL injection vulnerability exists in i-doit CMDB. An attacker can exploit the vulnerability to obtain sensitive database information...

7.9AI score
Exploits0References1
Packet Storm
Packet Storm
added 2019/01/15 12:0 a.m.124 views

i-doit CMDB 1.12 SQL Injection

Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...

Exploits0
OpenVAS
OpenVAS
added 2019/01/15 12:0 a.m.126 views

i-doit CMDB Detection

Detection of i-doit CMDB. The script sends a connection request to the server and attempts to detect i-doit CMDB and to extract its version. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2019/01/15 12:0 a.m.97 views

i-doit CMDB <= 1.12 Arbitrary File Download Vulnerability

i-doit CMDB is prone to an authenticated arbitrary file download vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

7.2AI score
Exploits0References3
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.14 views

i-doit CMDB 1.12 - SQL Injection

i-doit CMDB 1.12 - SQL Injection Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12...

Exploits0
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.13 views

i-doit CMDB 1.12 - Arbitrary File Download

i-doit CMDB 1.12 - Arbitrary File Download Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/01/14 12:0 a.m.24 views

i-doit CMDB 1.12 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.12 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/01/14 12:0 a.m.24 views

i-doit CMDB 1.12 Arbitrary File Download

Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/01/14 12:0 a.m.14 views

i-doit CMDB 1.12 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12...

Exploits0
Exploit DB
Exploit DB
added 2019/01/14 12:0 a.m.121 views

i-doit CMDB 1.12 - Arbitrary File Download

Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/14 12:0 a.m.61 views

i-doit CMDB 1.12 - SQL Injection

Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...

7.4AI score
Exploits0
vulnersOsv
vulnersOsv
added 2018/12/20 10:1 p.m.3 views

ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.2 <=0.1.6), cn.aghost:nacos-address (>=1.2.1.aghost-fix.20201109 <=1.2.1.aghost-fix.20210122) +408 more potentially affected by CVE-2018-15801 via org.springframework.security:spring-security-core (>=5.1.0.RELEASE <=5.1.1.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.1.0.RELEASE, =0.1.2, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109,...

7.4CVSS6.1AI score0.00653EPSS
Exploits0
exploitpack
exploitpack
added 2018/12/09 12:0 a.m.26 views

i-doit CMDB 1.11.2 - Remote Code Execution

i-doit CMDB 1.11.2 - Remote Code Execution Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Versio...

8.1AI score
Exploits0
0day.today
0day.today
added 2018/12/09 12:0 a.m.35 views

i-doit CMDB 1.11.2 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/07 12:0 a.m.35 views

i-doit CMDB 1.11.2 Remote Code Execution

Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Azkan Mustafa AkkuA AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version: v1.11.2 Category: Webapps Tested on: XAM...

7.4AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/08/16 10:3 a.m.32 views

Asset Inventory for Network Perimeter: from Declarations to Active Scanning

In the previous post, I shared some of my thoughts about the good Asset Inventory system. Of course, for me as a Security Specialist, it would be great if IT will provide such magical system. But such an ideal situation is rarely possible. So now let's see how to build an Asset Inventory system...

6.8AI score
Exploits0
Rows per page
Query Builder