27 matches found
EUVD-2007-5753
Malware in sbrugna...
EUVD-2023-41456
Malicious code in bioql PyPI...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Emagic Data Center Management Suite 6.0 Remote Command Execution
Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570
Summary: CVE-2023-37570 affects ESDS Emagic Data Center Management Suit due to non-expiry of the session cookie, enabling reuse of a stolen cookie for remote unauthorized access. This is reported across multiple sources (NVD, Red Hat, CVE List, etc.). What’s known: The root cause is a non-expirin...
CVE-2023-37570 Insufficient Session Expiration Vulnerability in Emagic Data Center Management Suite
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570 Insufficient Session Expiration Vulnerability in Emagic Data Center Management Suite
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37569 OS Command Injection Vulnerability in Emagic Data Center Management Suite
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
CVE-2023-37569 OS Command Injection Vulnerability in Emagic Data Center Management Suite
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
CVE-2023-37569
CVE-2023-37569 concerns ESDS Emagic Data Center Management Suite with a vulnerability in the Ping component due to lack of input sanitization, enabling a remote authenticated attacker to inject OS commands and potentially execute arbitrary code. Affected software is ESDS Emagic Data Center Manage...
ESDS Emagic Data Center Management Suit Operating System Command Injection Vulnerability
ESDS Emagic Data Center Management Suit is an all-in-one virtual data center suite from ESDS, Inc. An operating system command injection vulnerability exists in ESDS Emagic Data Center Management Suit v6.0 and prior versions, which stems from a lack of input cleanup in the Ping component, and can...
PT-2023-26029 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue exists due to the non-expiry of session cookies in the ESDS Emagic Data Center Management Suit. A remote attacker could reuse a stolen cookie to ga...
Emagic Data Center Management Suite v6.0 - OS Command Injection Exploit
!/bin/bash Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS eMagic...
PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue is caused by a lack of input sanitization in the Ping component of the ESDS Emagic Data Center Management Suit. A remote authenticated attacker cou...
Emagic Data Center Management Suite v6.0 - OS Command Injection
!/bin/bash Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" ech...
CVE-2007-5783
SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter...