Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2012/06/29 12:0 a.m.56 views

Openfire Admin Console Authentication Bypass

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/zip' class Metasploit3...

7.5CVSS0.3AI score0.83382EPSS
Exploits5
Exploit DB
Exploit DB
added 2012/06/28 12:0 a.m.106 views

Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/zip' class Metasploit3...

7.5CVSS6.4AI score0.83382EPSS
Exploits5
Metasploit
Metasploit
added 2012/06/24 11:35 a.m.80 views

Openfire Admin Console Authentication Bypass

This module exploits an authentication bypass vulnerability in the administration console of Openfire servers. By using this vulnerability it is possible to upload/execute a malicious Openfire plugin on the server and execute arbitrary Java code. This module has been tested against Openfire 3.6.0...

7.5CVSS7.1AI score0.83382EPSS
Exploits5
OpenVAS
OpenVAS
added 2009/04/06 12:0 a.m.26 views

Gentoo Security Advisory GLSA 200904-01 (openfire)

The remote host is missing updates announced in advisory GLSA 200904-01. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

7.5CVSS7.5AI score0.83382EPSS
Exploits10References3
CVE
CVE
added 2009/03/23 7:26 p.m.205 views

CVE-2008-6508

Openfire Openfire Admin Console is affected by a directory traversal (path traversal) vulnerability (CVE-2008-6508) in the AuthCheck filter, enabling remote attackers to bypass authentication and access the admin interface via a .. sequence in a URI that matches the Exclude-Strings list. Affected...

7.5CVSS7.4AI score0.83382EPSS
In wildExploits5References11Affected Software1
Circl
Circl
added 2008/11/09 12:0 a.m.17 views

CVE-2008-6508

creationtimestamp| type| source ---|---|--- 2008-11-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7075 2012-06-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19432 2018-05-29 15:50:33+00:00| seen|...

7.5CVSS5.7AI score0.83382EPSS
Exploits5References3
Rows per page
Query Builder