Lucene search
K

53 matches found

OSV
OSV
added 2021/06/07 9:15 p.m.4 views

CVE-2020-25716

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

8.1CVSS5.8AI score0.00769EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/12/15 9:19 p.m.4 views

Cloudforms: Incomplete fix for CVE-2020-10783

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

8.3CVSS5.8AI score0.01EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/27 4:3 p.m.2 views

CloudForms: Missing access control leads to escalation of admin group privileges

A role-based privileges escalation flaw was found in Red Hat CloudForms where export or import of administrator files was possible. An attacker with EVM-Operator group can perform actions restricted only to system administrator. Refer CVE-2020-25716 for remaining RBAC group fixes...

8.3CVSS5.8AI score0.01EPSS
Exploits0References4
CNVD
CNVD
added 2018/04/27 12:0 a.m.4 views

Vaultize Enterprise File Sharing Information Disclosure Vulnerability

Vaultize Enterprise File Sharing is an enterprise file sharing solution from Vaultize Technologies, USA. The solution includes features such as data retention management, versioning, secure data handling, data backup and recovery. A security vulnerability exists in Vaultize Enterprise File Sharin...

5.3CVSS6.9AI score0.01055EPSS
Exploits0References1
Prion
Prion
added 2018/04/25 6:29 p.m.21 views

Authorization

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format...

5CVSS5.2AI score0.01055EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/04/25 6:29 p.m.16 views

CVE-2018-10207

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format...

5.3CVSS5.2AI score0.01055EPSS
Exploits0References2
Kitploit
Kitploit
added 2018/03/28 8:14 p.m.39 views

Envizon - Network Visualization Tool With Focus On Red / Blue Team Requirements

This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and organization tool, 'envizon'. We hope your feedback will help to improve and hone i...

6.9AI score
Exploits0References3
CNVD
CNVD
added 2018/01/11 12:0 a.m.2 views

Unspecified Vulnerability in Apache Sling JCR ContentLoader XmlReader

Apache Sling JCR ContentLoader is the United States Apache Apache Software Foundation for the Java platform for a set of open source Web framework. The framework can be in the JCR Content Repository Java Content Repository on the creation of content-oriented applications . XmlReader is one of the...

7.5CVSS6.7AI score0.03143EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/07 12:0 a.m.3 views

Palo Alto Networks PAN-OS Security Bypass Vulnerability (CNVD-2017-37959)

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security bypass vulnerability exists in the Configuration File Export for Applications, Spyware, and Vulnerable Objects feature of the web interface in Palo Alto Networks PAN-OS...

5.3CVSS6.9AI score0.01705EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/09/30 12:0 a.m.14 views

Ninja Forms <= 2.9.27 - Malicious File Export

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Malicious File Export security vulnerability...

1.4AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2014/12/02 12:0 a.m.26 views

SQL Buddy 1.3.3 - Remote Code Execution

Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.14 views

Ecava IntegraXor < 4.2.4458 Multiple Vulnerabilities

Binary data scadaintegraxor424458.nbin...

9CVSS6.8AI score0.0265EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/09/18 12:0 a.m.24 views

phpMyFAQ 2.8.X - Multiple Vulnerabilities

No description provided by source. Title: phpMyFAQ 2.8.X - Multiple Vulnerabilities Vendor: phpmyfaq.de Date: 04.09.19 Version: = 2.8.12 Latest ATM Tested on: Apache 2.2 / PHP 5.4 / Linux Contact: smash at devilteam.pl 1 Persistent XSS Administrator is able to view information about specific user...

7.1AI score
Exploits0
Rows per page
Query Builder