8688 matches found
Uniview - Remote Command Execution / Export Config (PoC)
STX Subject: Uniview RCE and export config PoC Researcher: bashis October 2017 Attack Vector: Remote Authentication: Anonymous no credentials needed Export config http://IP:PORT/cgi-bin/main-cgi?json="cmd":255,"szUserName":"","u32UserLoginHandle":-1 -tcpdump- check active capture...
Apache Derby Overwrite Arbitrary File Vulnerability
Apache Derby is the United States Apache Apache Software Foundation developed a set of open source database management system. A security vulnerability exists in the export process in Apache Derby. A remote attacker could exploit the vulnerability to overwrite an existing file...
CSV Injection
keystone is vulnerable to CSV injection attacks. These attacks are possible because of a mishandled value during the exporting of a CSV file...
CVE-2017-15879
CSV Injection aka Excel Macro Injection or Formula Injection exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export...
Unauthorized File Overwrite
Apache Derby is vulnerable to unauthorized file overwrites. The library accepts the file:// protocol in the url, allowing a malicious user to overwrite existing files when exporting files...
CVE-2010-2232
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file...
Design/Logic Flaw
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file...
CVE-2010-2232
CVE-2010-2232 (Apache Derby) is an export-processing flaw affecting Derby versions 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3. A remote attacker could exploit the export functionality to overwrite an existing file. This is documented across multiple sources (NVD entry and related advisories) and ...
CVE-2010-2232
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file...
CVE-2010-2232
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file...
XSS Vulnerability in JIRA Issue Export
A search endpoint is vulnerable to an XSS injection in certain cases. Normally, the browser will urlencode its requests, but some proxy servers and load balancers will decode URL data by default. see http://stackoverflow.com/questions/31266629/nginx-encoding-normalizing-part-of-uri...
Octopus Deploy Information Disclosure Vulnerability
Octopus Deploy is the automated deployment and release management server. An information disclosure vulnerability exists in Octopus Deploy prior to version 3.17.7. When a special client user account is granted CertificateExportPrivateKey privileges and "client access" is enabled on the Octopus...
CVE-2017-10340
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10344
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10343
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Buffer overflow
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10343
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10343
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10340
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-15610
An issue was discovered in Octopus before 3.17.7. When the special Guest user account is granted the CertificateExportPrivateKey permission, and Guest Access is enabled for the Octopus Server, an attacker can sign in as the Guest account and export Certificates managed by Octopus, including the...