Lucene search
K

10 matches found

Openbugbounty
Openbugbounty
added 2023/12/21 10:21 a.m.9 views

resumesamplesdownload.in Cross Site Scripting vulnerability OBB-3819604

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient...

6.7AI score
Exploits0
NVD
NVD
added 2014/01/09 6:7 p.m.41 views

CVE-2013-6955

webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header...

10CVSS7AI score0.84571EPSS
Exploits5References1
CVE
CVE
added 2014/01/09 11:0 a.m.128 views

CVE-2013-6955

Summary of CVE-2013-6955 – Synology DiskStation Manager Affected product: Synology DiskStation Manager (DSM) with webman/imageSelector.cgi as part of the File Station component. Vulnerability: Remote code execution via SLICEUPLOAD. An attacker can append data to an arbitrary file by sending a spe...

10CVSS7.1AI score0.84571EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2014/01/09 11:0 a.m.47 views

CVE-2013-6955

webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header...

7AI score0.84571EPSS
Exploits5References1
CERT
CERT
added 2014/01/07 12:0 a.m.53 views

Synology DiskStation Manager arbitrary file modification

Overview Synology DiskStation Manager versions 4.3-3776-3 and below contain a vulnerability that allows a remote unauthenticated user to append arbitrary data to an arbitrary file under root privileges. Description CWE-284: Improper Access Control - CVE-2013-6955Synology DiskStation Manager...

10CVSS7.1AI score0.84571EPSS
Exploits5References2
seebug.org
seebug.org
added 2013/12/25 12:0 a.m.1043 views

Synology DiskStation Manager远程命令执行漏洞

CVE ID:CVE-2013-6955 Synology DiskStation Manager 是第一个提供网络多任务处理用户接口的NAS操作系统。 该漏洞是位于/ webman/ imageSelector.cgi,允许攻击者以root权限执行任意命。 0 Synology DiskStation Manager 4.x 目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http:// www.synology.com This module requires Metasploit: http//metasploit.com/downlo...

10CVSS6.5AI score0.84571EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/12/24 12:0 a.m.64 views

Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x def initializeinfo= superupdateinfoinfo, 'Name' = "Synology DiskStation...

10CVSS7.4AI score0.84571EPSS
Exploits5
Circl
Circl
added 2013/12/24 12:0 a.m.28 views

CVE-2013-6955

creationtimestamp| type| source ---|---|--- 2013-12-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/30470 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/synologydsmsliceuploadexecnoauth.rb 2025-02-06...

10CVSS5.7AI score0.84571EPSS
Exploits5References2
Packet Storm
Packet Storm
added 2013/12/23 12:0 a.m.64 views

Synology DiskStation Manager SLICEUPLOAD Remote Command Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x def initializeinfo= superupdateinfoinfo, 'Name' = "Synology DiskStation...

10CVSS0.7AI score0.84571EPSS
Exploits5
Rows per page
Query Builder