10 matches found
EUVD-2023-41456
Malicious code in bioql PyPI...
Emagic Data Center Management Suite 6.0 Remote Command Execution
Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
CVE-2023-37569
CVE-2023-37569 concerns ESDS Emagic Data Center Management Suite with a vulnerability in the Ping component due to lack of input sanitization, enabling a remote authenticated attacker to inject OS commands and potentially execute arbitrary code. Affected software is ESDS Emagic Data Center Manage...
ESDS Emagic Data Center Management Suit Operating System Command Injection Vulnerability
ESDS Emagic Data Center Management Suit is an all-in-one virtual data center suite from ESDS, Inc. An operating system command injection vulnerability exists in ESDS Emagic Data Center Management Suit v6.0 and prior versions, which stems from a lack of input cleanup in the Ping component, and can...
PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue is caused by a lack of input sanitization in the Ping component of the ESDS Emagic Data Center Management Suit. A remote authenticated attacker cou...
PT-2023-26029 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue exists due to the non-expiry of session cookies in the ESDS Emagic Data Center Management Suit. A remote attacker could reuse a stolen cookie to ga...