Lucene search
+L

330 matches found

checkpoint_advisories
checkpoint_advisories
added 2014/11/25 12:0 a.m.21 views

Digi Online Examination Unrestricted File Upload (CVE-2014-8997)

An unauthorized file upload vulnerability has been reported in Digi Online Examination. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute...

7.5CVSS4.4AI score0.09133EPSS
Exploits1
nvd
nvd
added 2014/11/20 1:55 p.m.15 views

CVE-2014-8997

Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/...

7.5CVSS7.7AI score0.09133EPSS
Exploits1References3
prion
prion
added 2014/11/20 1:55 p.m.13 views

Unrestricted file upload

Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/...

7.5CVSS8.2AI score0.09133EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2014/11/20 11:0 a.m.23 views

CVE-2014-8997

Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/...

7.7AI score0.09133EPSS
Exploits1References3
cve
cve
added 2014/11/20 11:0 a.m.38 views

CVE-2014-8997

The CVE-2014-8997 vulnerability is an unrestricted file upload in the Photo feature of DigitalVidhya Digi Online Examination System 2.0. An attacker can upload a file with an executable extension to assets/uploads/images/ and access it via a direct URL, enabling remote code execution. The descrip...

7.5CVSS7.9AI score0.09133EPSS
Exploits1References3Affected Software1
packetstorm
packetstorm
added 2014/11/14 12:0 a.m.26 views

Digi Online Examination System 2.0 Shell Upload

Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link: http://codecanyon.net/item/digi-online-examination-system-does/8610180 Software Test Link: http://s1.digitalvidhya.com/doesv2/...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2014/11/13 12:0 a.m.18 views

Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload

Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link:...

0.7AI score
Exploits0
exploitdb
exploitdb
added 2014/11/13 12:0 a.m.30 views

Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload

Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link: http://codecanyon.net/item/digi-online-examination-system-does/8610180 Software Test Link: http://s1.digitalvidhya.com/doesv2/...

7AI score
Exploits0
ics
ics
added 2014/11/12 12:0 p.m.28 views

Bash Command Injection Vulnerability (Supplement)

OVERVIEW This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-269-01 Bash Command Injection Vulnerability and all following updates that were originally published September 26, 2014, on the ICS-CERT web site and posted to the US-CERT secure Portal library. Please...

7.4AI score
Exploits0References22
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

DiGi WWW Server 1 Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10228/info The DiGi WWW Server has been reported to contain a remote denial of service vulnerability. It has been reported that when the server receives a malformed HTTP GET request, the web server process will consume...

7.1AI score
Exploits0
threatpost
threatpost
added 2014/05/16 11:22 a.m.13 views

Critical Infrastructure Continues to Patch Heartbleed

Unified Automation issued a security advisory warning that its OPC UA software developers kit SDK for Windows contains the OpenSSL cryptography library that is vulnerable to Heartbleed. Schneider Electric, another industrial control system ICS manufacturer, posted its own advisory with mitigation...

6.9AI score
Exploits0References5
threatpost
threatpost
added 2014/05/09 9:56 a.m.11 views

Digi International Gateways Vulnerable to Heartbleed

Wireless Web mesh gateways used everywhere from industrial control environments to home area networks are vulnerable to the Heartbleed OpenSSL vulnerability. The Industrial Control System Computer Emergency Response Team ICS-CERT issued an advisory Thursday warning SCADA and ICS managers with Dig...

7.2AI score
Exploits0References8
ics
ics
added 2014/02/08 7:0 a.m.115 views

Digi International OpenSSL Vulnerability

OVERVIEW Digi International has identified five products that are vulnerable to the OpenSSL Heartbleed bug. Digi International has produced downloadable firmware upgrade versions that mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this...

7.5CVSS8.1AI score0.99999EPSS
Exploits88References10
nessus
nessus
added 2013/05/15 12:0 a.m.10 views

Digi Rabbit FTP Server Detection

Binary data 6820.prm...

7.3AI score
Exploits0References1
nessus
nessus
added 2013/05/15 12:0 a.m.13 views

Digi Rabbit HTTP Server Detection

Binary data 6819.prm...

7.3AI score
Exploits0References1
metasploit
metasploit
added 2012/11/03 10:44 p.m.34 views

Digi RealPort Serial Server Port Scanner

Identify active ports on RealPort-enabled serial servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Port Scanner', 'Description' = 'Identify active ports on...

7.1AI score
Exploits0
metasploit
metasploit
added 2012/11/03 10:44 p.m.28 views

Digi RealPort Serial Server Version

Detect serial servers that speak the RealPort protocol. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Version', 'Description' = 'Detect serial servers that speak t...

7.1AI score
Exploits0
metasploit
metasploit
added 2012/10/29 4:4 a.m.48 views

Digi ADDP Information Discovery

Discover host information through the Digi International ADDP service This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi ADDP Information Discovery', 'Description' = 'Discover host informatio...

6.9AI score
Exploits0
metasploit
metasploit
added 2012/10/29 4:4 a.m.55 views

Digi ADDP Remote Reboot Initiator

Reboot Digi International based equipment through the ADDP service This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi ADDP Remote Reboot Initiator', 'Description' = 'Reboot Digi International...

7.1AI score
Exploits0
nessus
nessus
added 2011/12/13 12:0 a.m.70 views

SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 5219 / 5222 / 5223)

The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.46 and fixes various bugs and security issues. The following security issues have been fixed : - A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies t...

8.8CVSS6.6AI score0.01077EPSS
Exploits2References42
Rows per page
Query Builder