5 matches found
CVE-2018-5405 The Quest Kace K1000 Appliance is vulnerable to JavaScript injection.
The Quest Kace K1000 Appliance, versions prior to 9.0.270, allows an authenticated least privileged user with 'User Console Only' rights to potentially inject arbitrary JavaScript code on the tickets page. Script execution could allow a malicious user of the system to steal session cookies of oth...
CVE-2018-5405
CVE-2018-5405 affects Quest Kace K1000 Appliance (SMA) versions prior to 9.0.270. A authenticated, least-privileged user with ‘User Console Only’ rights can inject arbitrary JavaScript on the tickets page due to insufficient input neutralization, enabling potential session cookie theft and takeov...
KACE System Management Appliance (SMA) 9.0.270 - Multiple Vulnerabilities
KACE System Management Appliance SMA 9.0.270 - Multiple Vulnerabilities Exploit Title: Dell Kace Appliance Multiple Vulnerabilities Date: 12/04/2018 Exploit Author: SlidingWindow, Twitter: @kapilkhot Vendor Homepage: https://www.quest.com/products/kace-systems-management-appliance/ Affected...
CVE-2018-5405
creationtimestamp| type| source ---|---|--- 2019-06-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46956...
KACE System Management Appliance (SMA) < 9.0.270 - Multiple Vulnerabilities
Exploit Title: Dell Kace Appliance Multiple Vulnerabilities Date: 12/04/2018 Exploit Author: SlidingWindow, Twitter: @kapilkhot Vendor Homepage: https://www.quest.com/products/kace-systems-management-appliance/ Affected Versions: KACE SMA versions prior to 9.0.270 PATCH SEC201820180410 Tested on:...