Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Mutiny 5 Arbitrary File Upload

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
CVE
CVE
added 2013/06/01 10:0 a.m.68 views

CVE-2013-0136

Mutiny Mutiny Frontend EditDocument servlet contains directory traversal weaknesses disclosed for the Mutiny 5 appliance. The vulnerability allows authenticated users to perform operations (UPLOAD, DELETE, CUT, COPY) via injected parameters (uploadPath, paths[], newPath) to read arbitrary files, ...

8.5CVSS7.3AI score0.40338EPSS
Exploits8References2Affected Software3
Check Point Advisories
Check Point Advisories
added 2013/05/29 12:0 a.m.3 views

Mutiny FrontEnd Arbitrary File Read and Delete (CVE-2013-0136)

A directory traversal vulnerability has been reported in EditDocument servlet from the frontend on the Mutiny 5 appliance. Commands for UPLOAD, DELETE, CUT and COPY are all vulnerable to directory traversal attacks...

8.5CVSS6.3AI score0.40338EPSS
Exploits8
Circl
Circl
added 2013/05/17 12:0 a.m.10 views

CVE-2013-0136

creationtimestamp| type| source ---|---|--- 2013-05-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/25517 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/mutinyfrontendupload.rb 2018-05-29 15:50:33+00:00|...

8.5CVSS5.7AI score0.40338EPSS
Exploits8References3
Exploit DB
Exploit DB
added 2013/05/17 12:0 a.m.29 views

Mutiny 5 - Arbitrary File Upload (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Apache-Coyote/ include...

8.5CVSS7AI score0.40338EPSS
Exploits8
Metasploit
Metasploit
added 2013/05/15 2:2 p.m.41 views

Mutiny 5 Arbitrary File Upload

This module exploits a code execution flaw in the Mutiny 5 appliance. The EditDocument servlet provides a file upload function to authenticated users. A directory traversal vulnerability in the same functionality allows for arbitrary file upload, which results in arbitrary code execution with roo...

8.5CVSS7.9AI score0.40338EPSS
Exploits8
CERT
CERT
added 2013/05/15 12:0 a.m.15 views

Mutiny Appliance contains multiple directory traversal vulnerabilities

Overview Mutiny appliance contains multiple directory traversal CWE-22 vulnerabilities. Description The Mutiny appliance commands for UPLOAD, DELETE, CUT and COPY are all vulnerable to directory traversal attacks. Additional details may be found in the Rapid7 blog post entitled, "New 1day Exploit...

8.5CVSS6.4AI score0.40338EPSS
Exploits8References2
Rows per page
Query Builder