330 matches found
Digi Online Examination Unrestricted File Upload (CVE-2014-8997)
An unauthorized file upload vulnerability has been reported in Digi Online Examination. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute...
CVE-2014-8997
Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/...
Unrestricted file upload
Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/...
CVE-2014-8997
Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/...
CVE-2014-8997
The CVE-2014-8997 vulnerability is an unrestricted file upload in the Photo feature of DigitalVidhya Digi Online Examination System 2.0. An attacker can upload a file with an executable extension to assets/uploads/images/ and access it via a direct URL, enabling remote code execution. The descrip...
Digi Online Examination System 2.0 Shell Upload
Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link: http://codecanyon.net/item/digi-online-examination-system-does/8610180 Software Test Link: http://s1.digitalvidhya.com/doesv2/...
Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload
Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link:...
Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload
Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link: http://codecanyon.net/item/digi-online-examination-system-does/8610180 Software Test Link: http://s1.digitalvidhya.com/doesv2/...
Bash Command Injection Vulnerability (Supplement)
OVERVIEW This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-269-01 Bash Command Injection Vulnerability and all following updates that were originally published September 26, 2014, on the ICS-CERT web site and posted to the US-CERT secure Portal library. Please...
DiGi WWW Server 1 Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10228/info The DiGi WWW Server has been reported to contain a remote denial of service vulnerability. It has been reported that when the server receives a malformed HTTP GET request, the web server process will consume...
Critical Infrastructure Continues to Patch Heartbleed
Unified Automation issued a security advisory warning that its OPC UA software developers kit SDK for Windows contains the OpenSSL cryptography library that is vulnerable to Heartbleed. Schneider Electric, another industrial control system ICS manufacturer, posted its own advisory with mitigation...
Digi International Gateways Vulnerable to Heartbleed
Wireless Web mesh gateways used everywhere from industrial control environments to home area networks are vulnerable to the Heartbleed OpenSSL vulnerability. The Industrial Control System Computer Emergency Response Team ICS-CERT issued an advisory Thursday warning SCADA and ICS managers with Dig...
Digi International OpenSSL Vulnerability
OVERVIEW Digi International has identified five products that are vulnerable to the OpenSSL Heartbleed bug. Digi International has produced downloadable firmware upgrade versions that mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this...
Digi Rabbit FTP Server Detection
Binary data 6820.prm...
Digi Rabbit HTTP Server Detection
Binary data 6819.prm...
Digi RealPort Serial Server Port Scanner
Identify active ports on RealPort-enabled serial servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Port Scanner', 'Description' = 'Identify active ports on...
Digi RealPort Serial Server Version
Detect serial servers that speak the RealPort protocol. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Version', 'Description' = 'Detect serial servers that speak t...
Digi ADDP Information Discovery
Discover host information through the Digi International ADDP service This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi ADDP Information Discovery', 'Description' = 'Discover host informatio...
Digi ADDP Remote Reboot Initiator
Reboot Digi International based equipment through the ADDP service This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi ADDP Remote Reboot Initiator', 'Description' = 'Reboot Digi International...
SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 5219 / 5222 / 5223)
The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.46 and fixes various bugs and security issues. The following security issues have been fixed : - A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies t...