Lucene search
K

6 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/10/27 12:0 a.m.8 views

VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload (CVE-2013-3520)

An Arbitrary File Upload vulnerability has been reported in VMware vCenter Chargeback Manager...

6.4AI score0.5564EPSS
Exploits4
Circl
Circl
added 2013/07/23 12:0 a.m.13 views

CVE-2013-3520

creationtimestamp| type| source ---|---|--- 2013-07-23 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/27046 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/vmwarevcenterchargebackupload.rb 2025-02-06...

7.5CVSS5.7AI score0.5564EPSS
Exploits4References2
Metasploit
Metasploit
added 2013/07/18 8:37 p.m.27 views

VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload

This module exploits a code execution flaw in VMware vCenter Chargeback Manager, where the ImageUploadServlet servlet allows unauthenticated file upload. The files are uploaded to the /cbmui/images/ web path, where JSP code execution is allowed. The module has been tested successfully on VMware...

7.5CVSS0.5AI score0.5564EPSS
Exploits4
CVE
CVE
added 2013/06/17 1:0 a.m.136 views

CVE-2013-3520

CVE-2013-3520 affects VMware vCenter Chargeback Manager (CBM) prior to 2.5.1. The vulnerability arises from improper handling of uploads in the ImageUploadServlet, enabling remote attackers to upload files and execute arbitrary code via unspecified vectors. Reported in multiple feeds (NVD/NVD-der...

7.5CVSS7.8AI score0.5564EPSS
Exploits4References1Affected Software1
VMware
VMware
added 2013/06/09 12:0 a.m.31 views

VMSA-2013-0008:VMware vCenter Chargeback Manager Remote Code Execution

VMSA-2013-0008 VMware vCenter Chargeback Manager Remote Code Execution VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0008 VMware Security Advisory Synopsis: VMware vCenter Chargeback Manager Remote Code Execution VMware Security Advisory Issue date: 2013-06-11 VMware...

7.5CVSS7.9AI score0.5564EPSS
Exploits10References2Affected Software1
Rows per page
Query Builder