5078 matches found
Kibana 6.6.1 CSV Injection
Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest versions Tested on: Kibana...
Kibana 6.6.1 - CSV Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1...
Kibana 6.6.1 - CSV Injection
Kibana 6.6.1 - CSV Injection Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest...
WordPress Flamingo plugin <= 2.1 - CSV Injection vulnerability
CSV Injection vulnerability found by Vishnupriya Ilango FortiGuard Labs in WordPress Flamingo plugin versions = 2.1. Solution Update the WordPress Flamingo plugin to the latest available version at least 2.1.1...
January 23, 2020—KB4534320 (Preview of Monthly Rollup)
January 23, 2020—KB4534320 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4534283released January 14, 2020 and also includes these new quality improvements as a preview of the next Monthly Rollup update: No additiona...
CVE-2019-19392
The forDNN.UsersExportImport module before 1.2.0 for DNN formerly DotNetNuke allows an unprivileged user to import create new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data...
CVE-2019-19392
The forDNN.UsersExportImport module before 1.2.0 for DNN formerly DotNetNuke allows an unprivileged user to import create new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data...
CVE-2019-19392
The forDNN.UsersExportImport module before 1.2.0 for DNN formerly DotNetNuke allows an unprivileged user to import create new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data...
CVE-2019-20385
The CSV upload feature in /supervisor/procesacarga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/ content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI...
CVE-2019-20385
The CSV upload feature in /supervisor/procesacarga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/ content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI...
Design/Logic Flaw
The CSV upload feature in /supervisor/procesacarga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/ content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI...
CVE-2019-20385
The CSV upload feature in /supervisor/procesacarga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/ content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI...
CVE-2019-20385
CVE-2019-20385 affects Logaritmo Aware CallManager 2012 devices. The vulnerability arises from the CSV upload feature in /supervisor/procesa_carga.php, which allows uploading of .php files with a text/* content type. The uploaded PHP code can then be executed by accessing /supervisor/csv/. Red Ha...
TeleGram-Scraper - Telegram Group Scraper Tool (Fetch All Information About Group Members)
Telegram Group Scraper Tool. Fetch All Information About Group Members • How To Install & Setup API Termux • API Setup Go to http://my.telegram.org and log in. Click on API development tools and fill the required fields. put app name you want & select other in platform Example : copy "apiid" &...
Flamingo < 2.1.1 - CSV Injection
The Flamingo WordPress plugin was affected by a CSV Injection security vulnerability...
January 14, 2020—KB4534288 (Security-only update)
January 14, 2020—KB4534288 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Security updates to Windows Input and Composition, Windows Media, Windows Storage and Filesystems, and Windows Server. For more information about the...
January 14, 2020—KB4534306 (OS Build 10240.18453)
January 14, 2020—KB4534306 OS Build 10240.18453 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights Updates to improve security when storing and managing files. Updates to impro...
WordPress TablePress Plugin < 1.10 CSV Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112685";...
CVE-2019-20184
KeePass 2.4.1 allows CSV injection in the title field of a CSV export...
CVE-2019-20184
KeePass 2.4.1 allows CSV injection in the title field of a CSV export...