Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

0day.today
0day.todayadded 2017/06/05 12:0 a.m.307 views

Intel AMT Digest Authentication Bypass Scanner Exploit

This module scans for Intel Active Management Technology endpoints and attempts to bypass authentication using a blank HTTP digest CVE-2017-5689. This service can be found on ports 16992, 16993 tls, 623, and 624tls. This module requires Metasploit: http://metasploit.com/download Current source:...

10CVSS0.1AI score0.92189EPSS
Exploits13
0day.today
0day.todayadded 2017/03/28 12:0 a.m.129 views

Nuxeo 6.0 / 7.1 / 7.2 / 7.3 - Remote Code Execution Exploit

Exploit for jsp platform in category web applications =begin Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform...

6.5CVSS8.8AI score0.34585EPSS
Exploits7
exploitpack
exploitpackadded 2017/03/27 12:0 a.m.81 views

Nuxeo 6.07.17.27.3 - Remote Code Execution (Metasploit)

Nuxeo 6.07.17.27.3 - Remote Code Execution Metasploit =begin Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform...

6.5CVSS9.1AI score0.34585EPSS
Exploits7
Exploit DB
Exploit DBadded 2017/03/27 12:0 a.m.91 views

Nuxeo 6.0/7.1/7.2/7.3 - Remote Code Execution (Metasploit)

=begin Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform. By crafting the upload request with a specific...

8.8CVSS8.8AI score0.34585EPSS
Exploits7
0day.today
0day.todayadded 2017/03/25 12:0 a.m.205 views

Nuxeo Platform 6.x / 7.x Shell Upload Exploit

Exploit for php platform in category web applications Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform. By...

6.5CVSS8.7AI score0.34585EPSS
Exploits7
CVE
CVEadded 2017/03/24 2:0 p.m.86 views

CVE-2017-5869

CVE-2017-5869 affects Nuxeo Platform versions 6.0, 7.1, 7.2, and 7.3. It is a directory traversal vulnerability in the file import feature that allows remote authenticated users to upload and execute arbitrary JSP code by manipulating the X-File-Name header (e.g., with a path traversal like ../.....

8.8CVSS8.5AI score0.34585EPSS
Exploits7References4Affected Software1
Packet Storm
Packet Stormadded 2017/03/24 12:0 a.m.80 views

Nuxeo Platform 6.x / 7.x Shell Upload

Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform. By crafting the upload request with a specific X-File-Name...

8.8AI score0.34585EPSS
Exploits7
Rows per page
Query Builder