10 matches found
EUVD-2023-41456
Malicious code in bioql PyPI...
Emagic Data Center Management Suite 6.0 Remote Command Execution
Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
CVE-2023-37569
CVE-2023-37569 concerns ESDS Emagic Data Center Management Suite with a vulnerability in the Ping component due to lack of input sanitization, enabling a remote authenticated attacker to inject OS commands and potentially execute arbitrary code. Affected software is ESDS Emagic Data Center Manage...
PT-2023-26029 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue exists due to the non-expiry of session cookies in the ESDS Emagic Data Center Management Suit. A remote attacker could reuse a stolen cookie to ga...
ESDS Emagic Data Center Management Suit Operating System Command Injection Vulnerability
ESDS Emagic Data Center Management Suit is an all-in-one virtual data center suite from ESDS, Inc. An operating system command injection vulnerability exists in ESDS Emagic Data Center Management Suit v6.0 and prior versions, which stems from a lack of input cleanup in the Ping component, and can...
PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue is caused by a lack of input sanitization in the Ping component of the ESDS Emagic Data Center Management Suit. A remote authenticated attacker cou...