Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2019/07/12 12:0 a.m.148 views

Red Hat JBoss Application Server (AS) Console and Web Management Misconfiguration Vulnerability - Active Check

The default configuration of Red Hat JBoss Application Server AS does not restrict access to the console and web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests. SPDX-FileCopyrightText: 2019 Greenbone AG Some text...

7.5CVSS6.9AI score0.81832EPSS
Exploits5References2
Prion
Prion
added 2013/09/16 1:1 p.m.39 views

Design/Logic Flaw

HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager IDM 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to 1 EJBInvokerServlet or 2 JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplica...

10CVSS7.8AI score0.81832EPSS
Exploits38References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2013/07/11 12:0 a.m.56 views

Cisco Prime Data Center Network Manager RMI Remote Code Execution (credentialed check)

According to its self-reported version number, the version of Cisco Prime Data Center Network Manager DCNM installed on the remote host is affected by a remote code execution vulnerability. Unauthorized users have access to the JBoss Application Server Remote Method Invocation services. A remote,...

10CVSS7AI score0.81832EPSS
Exploits5References3
0day.today
0day.today
added 2012/09/05 12:0 a.m.55 views

JBoss DeploymentFileRepository WAR Deployment

Exploit for multiple platform in category remote exploits require 'msf/core' class Metasploit4 /JBoss/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo = superupdateinfoinfo, 'Name' = 'JBoss DeploymentFileRepository WAR Deployment via JMXInvokerServlet',...

7.1AI score0.81832EPSS
Exploits5
Packet Storm
Packet Storm
added 2012/09/05 12:0 a.m.51 views

JBoss DeploymentFileRepository WAR Deployment

require 'msf/core' class Metasploit4 /JBoss/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo = superupdateinfoinfo, 'Name' = 'JBoss DeploymentFileRepository WAR Deployment via JMXInvokerServlet', 'Description' = %q This module can be used to execute a payload...

7.5CVSS0.81832EPSS
Exploits5
Metasploit
Metasploit
added 2012/09/03 5:50 p.m.73 views

JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)

This module can be used to execute a payload on JBoss servers that have an exposed HTTPAdaptor's JMX Invoker exposed on the "JMXInvokerServlet". By invoking the methods provided by jboss.admin:DeploymentFileRepository a stager is deployed to finally upload the selected payload to the target. The...

7.5CVSS7.4AI score0.81832EPSS
Exploits5
Circl
Circl
added 2010/10/19 12:0 a.m.23 views

CVE-2007-1036

creationtimestamp| type| source ---|---|--- 2010-10-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16318 2012-09-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/21080 2018-05-29 15:50:33+00:00| seen|...

7.5CVSS6AI score0.81832EPSS
Exploits5References6
CVE
CVE
added 2007/02/21 11:0 a.m.309 views

CVE-2007-1036

CVE-2007-1036 affects JBoss where the default configuration does not restrict access to the console and web management interfaces. This allows an unauthenticated remote attacker to bypass authentication and gain administrative access via direct requests to the JBoss web console, enabling potentia...

7.5CVSS6.8AI score0.81832EPSS
In wildExploits5References9Affected Software1
Rows per page
Query Builder