Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:44 a.m.11 views

CVE-2019-10068

An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to...

9.8CVSS8.2AI score0.96031EPSS
Exploits5References1
Check Point Advisories
Check Point Advisories
added 2022/11/21 12:0 a.m.51 views

Kentico CMS Remote Code Execution (CVE-2019-10068)

A remote code execution vulnerability exists in Kentico CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.96031EPSS
Exploits5
0day.today
0day.today
added 2020/05/07 12:0 a.m.561 views

Kentico CMS 12.0.14 Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML inp...

9.8CVSS1.1AI score0.96031EPSS
Exploits5
Circl
Circl
added 2020/05/06 2:27 p.m.11 views

CVE-2019-10068

creationtimestamp| type| source ---|---|--- 2020-05-06 14:27:21+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/kenticostagingsyncserver.rb 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-04 08:03:59+00:00|...

9.8CVSS7.3AI score0.96031EPSS
In wildExploits5References7
Metasploit
Metasploit
added 2020/05/04 1:26 p.m.106 views

Kentico CMS Staging SyncServer Unserialize Remote Command Execution

This module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote Command Execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML input is passe...

9.8CVSS8AI score0.96031EPSS
Exploits5
NVD
NVD
added 2019/03/26 6:29 p.m.21 views

CVE-2019-10068

An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to...

9.8CVSS10AI score0.96031EPSS
Exploits5References3
CVE
CVE
added 2019/03/26 5:43 p.m.1092 views

CVE-2019-10068

Kentico CMS is affected by a remote code execution vulnerability (CVE-2019-10068) due to insecure .NET object deserialization during staging service processing. Affected versions include Kentico 12.0.x before 12.0.15, 11.x before 11.0.48, 10.x before 10.0.52, and 9.x. The issue can be triggered v...

9.8CVSS9.9AI score0.96031EPSS
In wildExploits5References3Affected Software1
Vulnrichment
Vulnrichment
added 2019/03/26 5:43 p.m.13 views

CVE-2019-10068

An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to...

8.2AI score0.96031EPSS
Exploits5References2
ATTACKERKB
ATTACKERKB
added 2019/03/26 12:0 a.m.48 views

CVE-2019-10068

An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to...

9.8CVSS4.8AI score0.96031EPSS
In wildExploits5References3
Rows per page
Query Builder