Lucene search
K

7 matches found

NVD
NVD
added 2014/04/25 8:55 p.m.21 views

CVE-2014-2996

XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...

7.1CVSS7.2AI score0.10193EPSS
Exploits1References3
Prion
Prion
added 2014/04/25 8:55 p.m.19 views

Code injection

XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...

7.1CVSS7.5AI score0.10193EPSS
Exploits7References3Affected Software1
CVE
CVE
added 2014/04/25 8:0 p.m.68 views

CVE-2014-2579

CVE-2014-2579 describes CSRF vulnerabilities in XCloner Standalone ≤3.5 that allow remote attackers to hijack administrator authentication to perform actions such as changing the admin password via the config task to index2.php, and, when enable_db_backup and sql_mem are enabled, accessing databa...

7.6CVSS7.8AI score0.0621EPSS
Exploits6References4Affected Software1
exploitpack
exploitpack
added 2014/04/10 12:0 a.m.49 views

XCloner Standalone 3.5 - Cross-Site Request Forgery

XCloner Standalone 3.5 - Cross-Site Request Forgery Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosur...

7.6CVSS0.4AI score0.0621EPSS
Exploits6
0day.today
0day.today
added 2014/04/10 12:0 a.m.55 views

XCloner Standalone 3.5 Cross Site Request Forgery Vulnerability

XCloner Standalone version 3.5 suffers from a cross site request forgery vulnerability. Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014...

7.6CVSS6.2AI score0.0621EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/04/10 12:0 a.m.72 views

XCloner Standalone 3.5 - Cross-Site Request Forgery

Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...

7.6CVSS7AI score0.0621EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/04/09 12:0 a.m.59 views

XCloner Standalone 3.5 Cross Site Request Forgery

Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...

7.6CVSS0.1AI score0.0621EPSS
Exploits6
Rows per page
Query Builder