Lucene search
K

7 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.13 views

CVE-2013-1814

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/apacheravecreds.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:14+00:00| seen|...

4CVSS5.8AI score0.7322EPSS
Exploits10References1
Metasploit
Metasploit
added 2013/07/09 7:3 p.m.25 views

Apache Rave User Information Disclosure

This module exploits an information disclosure in Apache Rave 0.20 and prior. The vulnerability exists in the RPC API, which allows any authenticated user to disclose information about all the users, including their password hashes. In order to authenticate, the user can provide his own...

4CVSS6.5AI score0.7322EPSS
Exploits10
NVD
NVD
added 2013/03/14 12:55 a.m.40 views

CVE-2013-1814

The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response...

4CVSS5.7AI score0.7322EPSS
Exploits10References2
d2
d2
added 2013/03/14 12:55 a.m.561 views

DSquare Exploit Pack: D2SEC_APACHE_RAVE

Name| d2secapacherave ---|--- CVE| CVE-2013-1814 Exploit Pack| D2ExploitPack Description| d2secapacherave.py Notes|...

4CVSS1.7AI score0.7322EPSS
Exploits10
CVE
CVE
added 2013/03/14 12:0 a.m.77 views

CVE-2013-1814

CVE-2013-1814 (Apache Rave) affects Apache Rave 0.11–0.20. The vulnerability lies in the User RPC API (users/get): remote authenticated users can disclose sensitive data for all user accounts via the offset parameter, including password hashes. Public references corroborate an information disclos...

4CVSS5.8AI score0.7322EPSS
Exploits10References2Affected Software1
0day.today
0day.today
added 2013/03/13 12:0 a.m.57 views

Apache Rave 0.11 - 0.20 - User Information Disclosure Vulnerability

Exploit for multiple platform in category web applications CVE-2013-1814: Apache Rave exposes User over API Severity: Important Vendor: The Apache Software Foundation Versions Affected: Rave 0.11 to 0.20 Description: Rave returns the full user object, including the salted and hashed password, via...

7.1AI score0.7322EPSS
Exploits10
Packet Storm
Packet Storm
added 2013/03/12 12:0 a.m.40 views

Apache Rave User Exposure

CVE-2013-1814: Apache Rave exposes User over API Severity: Important Vendor: The Apache Software Foundation Versions Affected: Rave 0.11 to 0.20 Description: Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to...

4CVSS0.7322EPSS
Exploits10
Rows per page
Query Builder