7 matches found
CVE-2016-1593
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/novellservicedeskrce.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:46+00:00| seen|...
CVE-2016-1593
CVE-2016-1593 affects Micro Focus/Novell Service Desk prior to 7.2. A directory traversal flaw in the import users feature allows a remote authenticated administrator to upload and execute arbitrary JSP files via a .. (dot dot) in a filename in a multipart/form-data POST to LiveTime.woa, enabling...
CVE-2016-1593
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...
Novell ServiceDesk - (Authenticated) Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Novell ServiceDesk Authenticated File Upload', 'Description' = %q This module exploits an authenticated arbitrary file upload v...
Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Exploit for jsp platform in category web applications Multiple vulnerabilities in Novell Service Desk 7.1.0, 7.0.3 and 6.5 Discovered by Pedro Ribeiro email protected, Agile Information Security ================================================================================= Disclosure: 30/03/20...
Novell ServiceDesk 6.5/7.0.3/7.1.0 - Multiple Vulnerabilities
Multiple vulnerabilities in Novell Service Desk 7.1.0, 7.0.3 and 6.5 Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 30/03/2016 / Last updated: 10/04/2016 Background on the...
Novell ServiceDesk Authenticated File Upload
This module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell. This module requires...