Lucene search
K

6 matches found

Check Point Advisories
Check Point Advisories
added 2022/05/26 12:0 a.m.34 views

Naviwebs Navigate CMS Directory Traversal (CVE-2018-17553)

A directory traversal vulnerability exists in Naviwebs Navigate CMS. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

6.5CVSS5.5AI score0.78994EPSS
Exploits5
0day.today
0day.today
added 2018/10/08 12:0 a.m.106 views

Navigate CMS - Unauthenticated Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Navigate CMS Unauthenticated Remote Code Execution', 'Description' = %q This module exploits insufficient sanitization in the database::protect...

9.8CVSS0.4AI score0.84063EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.32 views

Navigate CMS - (Unauthenticated) Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Navigate CMS Unauthenticated Remote Code Execution', 'Description' = %q This module exploits insufficient sanitization in the database::protect...

7.4AI score
Exploits0
Circl
Circl
added 2018/10/04 11:53 a.m.21 views

CVE-2018-17553

creationtimestamp| type| source ---|---|--- 2018-10-04 11:53:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/navigatecmsrce.rb 2018-10-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45561 2025-02-06 03:13:43+00:00| seen|...

8.8CVSS8.6AI score0.78994EPSS
Exploits5References2
CVE
CVE
added 2018/10/03 8:0 p.m.75 views

CVE-2018-17553

Navigate CMS 2.8 is affected by CVE-2018-17553 via a directory traversal in navigate_upload.php that enables Unrestricted Upload of File with Dangerous Type, allowing remote code execution after an authenticated POST (engine=picnik, id=../../../navigate_info.php). Public references show an unauth...

8.8CVSS8.8AI score0.78994EPSS
Exploits5References3Affected Software1
Metasploit
Metasploit
added 2018/09/26 7:39 p.m.77 views

Navigate CMS Unauthenticated Remote Code Execution

This module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8 and prior, to bypass authentication. The module then uses a path traversal vulnerability in navigateupload.php that allows authenticated users to upload PHP files to arbitrary locations...

9.8CVSS8.1AI score0.84063EPSS
Exploits6
Rows per page
Query Builder