10 matches found
resumesamplesdownload.in Cross Site Scripting vulnerability OBB-3819604
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient...
CVE-2013-6955
webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header...
CVE-2013-6955
Summary of CVE-2013-6955 – Synology DiskStation Manager Affected product: Synology DiskStation Manager (DSM) with webman/imageSelector.cgi as part of the File Station component. Vulnerability: Remote code execution via SLICEUPLOAD. An attacker can append data to an arbitrary file by sending a spe...
CVE-2013-6955
webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header...
Synology DiskStation Manager arbitrary file modification
Overview Synology DiskStation Manager versions 4.3-3776-3 and below contain a vulnerability that allows a remote unauthenticated user to append arbitrary data to an arbitrary file under root privileges. Description CWE-284: Improper Access Control - CVE-2013-6955Synology DiskStation Manager...
Synology DiskStation Manager远程命令执行漏洞
CVE ID:CVE-2013-6955 Synology DiskStation Manager 是第一个提供网络多任务处理用户接口的NAS操作系统。 该漏洞是位于/ webman/ imageSelector.cgi,允许攻击者以root权限执行任意命。 0 Synology DiskStation Manager 4.x 目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http:// www.synology.com This module requires Metasploit: http//metasploit.com/downlo...
Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x def initializeinfo= superupdateinfoinfo, 'Name' = "Synology DiskStation...
CVE-2013-6955
creationtimestamp| type| source ---|---|--- 2013-12-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/30470 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/synologydsmsliceuploadexecnoauth.rb 2025-02-06...
Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x def initializeinfo= superupdateinfoinfo, 'Name' = "Synology DiskStation...