Lucene search
K

15 matches found

Nuclei
Nuclei
added 5 days ago27 views

Open Web Analytics 1.7.3 - Remote Code Execution

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

9.8CVSS7.2AI score0.99134EPSS
Exploits14References5
GithubExploit
GithubExploit
added 2023/08/22 4:25 p.m.536 views

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

CVE-2022-24637 Open Web Analytics 1.7.3 - Remote Code Executio...

9.8CVSS9.8AI score0.99134EPSS
Exploits14
GithubExploit
GithubExploit
added 2023/03/26 1:11 p.m.264 views

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

CVE-2022-24637 Unauthenticated RCE in Open Web Analytics versi...

9.8CVSS9.5AI score0.99134EPSS
Exploits14
0day.today
0day.today
added 2023/03/20 12:0 a.m.453 views

Open Web Analytics 1.7.3 Remote Code Execution Exploit

Open Web Analytics OWA versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. class MetasploitModule 'Open Web Analytics 1.7.3 - Remote Code Execution RCE', 'Description' = %q Op...

9.8CVSS1AI score0.99134EPSS
Exploits14
Metasploit
Metasploit
added 2023/03/17 7:52 p.m.313 views

Open Web Analytics 1.7.3 - Remote Code Execution (RCE)

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with ' use exploit/multi/http/openwebanalyticsrce msf...

9.8CVSS8.6AI score0.99134EPSS
Exploits14
Packet Storm
Packet Storm
added 2023/03/17 12:0 a.m.373 views

Open Web Analytics 1.7.3 Remote Code Execution

class MetasploitModule 'Open Web Analytics 1.7.3 - Remote Code Execution RCE', 'Description' = %q Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs...

9.8CVSS0.5AI score0.99134EPSS
Exploits14
Packet Storm
Packet Storm
added 2022/11/11 12:0 a.m.254 views

Open Web Analytics 1.7.3 Remote Code Execution

Exploit Title: Open Web Analytics 1.7.3 - Remote Code Execution RCE Date: 2022-08-30 Exploit Author: Jacob Ebben Vendor Homepage: https://www.openwebanalytics.com/ Software Link: https://github.com/Open-Web-Analytics Version: 1.7.4 Tested on: Linux CVE : CVE-2022-24637 import argparse import...

9.8CVSS0.3AI score0.99134EPSS
Exploits14
0day.today
0day.today
added 2022/11/11 12:0 a.m.278 views

Open Web Analytics 1.7.3 - Remote Code Execution Exploit

Exploit Title: Open Web Analytics 1.7.3 - Remote Code Execution RCE Exploit Author: Jacob Ebben Vendor Homepage: https://www.openwebanalytics.com/ Software Link: https://github.com/Open-Web-Analytics Version: 1.7.4 Tested on: Linux CVE : CVE-2022-24637 import argparse import requests import base6...

9.8CVSS0.99134EPSS
Exploits14
Exploit DB
Exploit DB
added 2022/11/11 12:0 a.m.136 views

Open Web Analytics 1.7.3 - Remote Code Execution

Exploit Title: Open Web Analytics 1.7.3 - Remote Code Execution RCE Date: 2022-08-30 Exploit Author: Jacob Ebben Vendor Homepage: https://www.openwebanalytics.com/ Software Link: https://github.com/Open-Web-Analytics Version: 1.7.4 Tested on: Linux CVE : CVE-2022-24637 import argparse import...

9.8CVSS9.6AI score0.99134EPSS
Exploits14
GithubExploit
GithubExploit
added 2022/10/08 9:12 p.m.302 views

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

CVE-2022-24637 Open Web Analytics OWA...

9.8CVSS9.8AI score0.99134EPSS
Exploits14
GithubExploit
GithubExploit
added 2022/08/30 5:31 p.m.464 views

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

CVE-2022-24637 Exploit for the Unauthenticated RCE in Open...

9.8CVSS9.5AI score0.99134EPSS
Exploits14
GithubExploit
GithubExploit
added 2022/08/30 5:31 p.m.9 views

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

CVE-2022-24637 Exploit for the Unauthenticated RCE in Open...

9.8CVSS7.2AI score0.99134EPSS
Exploits14
Circl
Circl
added 2022/08/29 11:37 a.m.10 views

CVE-2022-24637

creationtimestamp| type| source ---|---|--- 2022-08-29 11:37:02+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6693 2022-08-31 14:31:06+00:00| published-proof-of-concept| https://t.me/MrVGunz/448 2022-09-01 15:39:43+00:00| published-proof-of-concept|...

9.8CVSS7.3AI score0.99134EPSS
Exploits14References9
CVE
CVE
added 2022/03/18 12:0 a.m.238 views

CVE-2022-24637

Open Web Analytics (OWA) 1.7.3 is vulnerable to unauthenticated remote code execution due to improper handling of PHP-generated cache files (files generated with '<?php instead of '

9.8CVSS9.4AI score0.99134EPSS
Exploits14References4Affected Software1
OSV
OSV
added 2022/03/18 12:0 a.m.18 views

CVE-2022-24637

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

9.8CVSS9.6AI score0.99134EPSS
Exploits14References6
Rows per page
Query Builder