
18 matches found

CNNVD
added 2026/04/24 12:0 a.m. | 3 views

Xibo Code Issue Vulnerability

Xibo is a digital signage content management tool developed by Dan Garner personally. Versions of Xibo prior to 4.4.1 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgery attacks, which could allow users with DSData permissions to make arbitrary HTTP...

4.9 CVSS | 6 AI score | 0.00071 EPSS
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-18253

Malware in sbrugna...

8.8 CVSS | 7.8 AI score | 0.00094 EPSS
Exploits: 0 | References: 3

0day.today
added 2024/03/18 12:0 a.m. | 254 views

Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated) Vulnerability

Exploit Title: Winter CMS 1.2.2 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 Tested : https://www.softaculous.com/demos/WinterCMS 1 Login wit...

7.4 AI score
Exploits: 0

Packet Storm
added 2019/02/20 12:0 a.m. | 322 views

Nuuo Central Management Server 2.4 Authenticated Arbitrary File Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Nuuo Central Management Server Authenticated Arbitrary File Upload", 'Description' = %q The COMMITCONFIG verb is used by a CMS client to upload a...

7.5 CVSS | 0.1 AI score | 0.67158 EPSS
Exploits: 3

Metasploit
added 2019/01/21 10:17 a.m. | 57 views

Nuuo Central Management Server Authenticated Arbitrary File Download

The Nuuo Central Management Server allows an authenticated user to download files from the installation folder. This functionality can be abused to obtain administrative credentials, the SQL Server database password and arbitrary files off the system with directory traversal. The module will...

9.8 CVSS | 9.8 AI score | 0.67751 EPSS
Exploits: 2

ATTACKERKB
added 2018/11/27 12:0 a.m. | 27 views

Nuuo Central Management Server Authenticated Arbitrary File Upload

Nuuo Central Management Server v3.3 and prior allow authenticated users to upload files and specify the destination in a FileName header that is vulnerable to directory traversal. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details Details from module documentation in...

9.8 CVSS | 9 AI score | 0.67158 EPSS
Exploits: 3 | References: 5

OSV
added 2018/06/16 1:29 a.m. | 2 views

CVE-2018-6497

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...

8.8 CVSS | 5.7 AI score | 0.00094 EPSS
Exploits: 0 | References: 2

NVD
added 2018/06/16 1:29 a.m. | 15 views

CVE-2018-6497

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...

8.8 CVSS | 8.2 AI score | 0.00094 EPSS
Exploits: 0 | References: 2

Prion
added 2018/06/16 1:29 a.m. | 20 views

Cross site request forgery (csrf)

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...

6.8 CVSS | 7.8 AI score | 0.00094 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

Cvelist
added 2018/06/15 9:0 p.m. | 11 views

CVE-2018-6497 MFSBGN03810 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...

7.5 CVSS | 9 AI score | 0.00094 EPSS
Exploits: 0 | References: 2

CVE
added 2018/06/15 9:0 p.m. | 46 views

CVE-2018-6497

The CVE-2018-6497 issue affects Micro Focus UCMBD Server (versions 10.20–11.0) and CMS Server 2018.05 BACKGROUND. The root concern is a CSRF vulnerability that could enable remote unsafe deserialization and subsequent unauthorized operations. Affected components include UCMBD Server’s content pac...

8.8 CVSS | 8.5 AI score | 0.00094 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

Symantec
added 2011/10/18 12:0 a.m. | 123 views

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...

10 CVSS | 0.8 AI score | 0.92545 EPSS
Exploits: 24 | References: 3 | Affected Software: 67

seebug.org
added 2009/04/21 12:0 a.m. | 28 views

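Sun Solaris ip(7P) Implementation Denial of Service Vulnerability

BUGTRAQ ID: 33550 CVE ID: CVE-2009-0480 CNCVE ID: CNCVE-20090480 Sun Solaris is a commercial operating system. The minor number allocation in the Sun Solaris ip(7P) Internet Protocol implementation has a security issue: a local attacker can exploit it to allocate a large number of sockets, triggering a denial of service in 32-bit applications. No detailed vulnerability information is currently available. Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 8x86 Sun Solaris 8 Sun Solaris 10x86 Sun Solaris 10 Sun OpenSolaris bui...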

4.9 CVSS | 6.4 AI score | 0.00052 EPSS
Exploits: 1

Symantec
added 2008/12/03 12:0 a.m. | 62 views

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities

Description Sun Java Runtime Environment and Java Development Kit are prone to multiple security vulnerabilities. Successful exploits may allow attackers to violate the same-origin policy, obtain sensitive information, bypass security restrictions, run untrusted applets with elevated privileges,...

10 CVSS | 0.9 AI score | 0.89535 EPSS
Exploits: 19 | References: 5 | Affected Software: 29

seebug.org
added 2008/10/04 12:0 a.m. | 20 views

Sun Solaris Text Editors Command Execution Vulnerability

Sun Solaris text editors are prone to a command-execution vulnerability. An attacker may leverage this issue to execute arbitrary commands with the privileges of another user on the affected computer. Sun Solaris 8, 9, and 10 are affected. Sun Solaris 9x86 Update 2 Sun Solaris 9 Sun Solaris 8x86...

7.7 AI score
Exploits: 0

seebug.org
added 2008/08/22 12:0 a.m. | 16 views

Sun Solaris 'namefs' Kernel Local Privilege Escalation Vulnerability

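Sun Solaris is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploitation will result in a complete compromise. Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 8x86 Sun Solaris 8 Sun Solaris 10.0x86 Sun Solaris 10.0 Avaya Interactive Response 3.0 Avaya Interactive Response 2.0 Avaya CMS Server 13.0 Avaya CMS Server 14.1 Avaya CMS Server 14...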

7.1 AI score
Exploits: 0

seebug.org
added 2008/08/22 12:0 a.m. | 15 views

Sun Solaris 'snoop(1M)' Utility Multiple Remote Vulnerabilities

The Solaris 'snoop(1M)' network utility is prone to multiple remote vulnerabilities, including multiple stack-based buffer-overflow vulnerabilities and multiple format-string vulnerabilities. Exploiting these issues will allow attackers to execute arbitrary code with the privileges of the 'nobody'...

8.1 AI score
Exploits: 0

seebug.org
added 2008/08/22 12:0 a.m. | 17 views

Sun Solaris Platform Information and Control Library picld(1M) Local Denial of S

The Sun Solaris Platform Information and Control Library daemon 'picld(1M)' is prone to a local denial-of-service vulnerability. A local unprivileged attacker can exploit this issue to disable system monitoring and prevent proper operations of certain system utilities, resulting in a...

6.7 AI score
Exploits: 0