Lucene search
K

13 matches found

CNVD
CNVD
added 2017/11/10 12:0 a.m.4 views

WatchGuard Hexis HawkEye G Cross-Site Request Forgery Vulnerability

WatchGuard Hexis HawkEye G is a network communications security solution from WatchGuard USA. A cross-site request forgery vulnerability exists in WatchGuard Hexis HawkEye G version 3.0.1.4912. A remote attacker can exploit this vulnerability to perform unauthorized actions, including adding...

8.8CVSS7AI score0.04175EPSS
Exploits4References1
Prion
Prion
added 2017/10/23 6:29 p.m.22 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that 1 add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the 2 Url matching, 3 DNS Inject...

6.8CVSS7.8AI score0.04175EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2017/10/23 6:0 p.m.36 views

CVE-2015-2878

Multiple cross-site request forgery CSRF vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that 1 add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the 2 Url matching, 3 DNS Inject...

9.2AI score0.04175EPSS
Exploits4References3
CVE
CVE
added 2017/10/23 6:0 p.m.63 views

CVE-2015-2878

The CVE-2015-2878 entry concerns Hexis HawkEye G 3.0.1.4912, where multiple CSRF vulnerabilities exist that let an attacker hijack administrator sessions to perform actions such as adding arbitrary accounts, turning off sensors (Url matching, DNS Inject, IP Redirect), and whitelisting malware MD5...

8.8CVSS9AI score0.04175EPSS
Exploits4References3Affected Software1
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.32 views

Hawkeye-G XSS

Crossite scripting in web interface...

1.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.35 views

Hawkeye-G v3.0.1 Persistent XSS & Information Leakage

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...

6.4AI score
Exploits0
exploitpack
exploitpack
added 2015/07/27 12:0 a.m.26 views

Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting Information Leakage

Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting Information Leakage Exploit Title: Persistent XSS, Information Leakage IDS / IPS Google Dork: intitle: Persistent XSS, Information Leakage IDS / IPS Date: 2015-07-25 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/27 12:0 a.m.31 views

Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/07/27 12:0 a.m.34 views

Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage

Exploit Title: Persistent XSS, Information Leakage IDS / IPS Google Dork: intitle: Persistent XSS, Information Leakage IDS / IPS Date: 2015-07-25 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/07/24 12:0 a.m.50 views

Hawkeye-G v3.0.1.4912 CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: CSRF, Network Threat Appliance IDS / IPS Google Dork: intitle: CSRF Network Threat Appliance IDS / IPS Date: 2015-07-24 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com...

6.8CVSS0.1AI score0.04175EPSS
Exploits4
exploitpack
exploitpack
added 2015/07/24 12:0 a.m.56 views

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery Exploit Title: CSRF, Network Threat Appliance IDS / IPS Google Dork: intitle: CSRF Network Threat Appliance IDS / IPS Date: 2015-07-24 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com Softwa...

6.8CVSS0.9AI score0.04175EPSS
Exploits4
Packet Storm
Packet Storm
added 2015/07/24 12:0 a.m.47 views

Hawkeye-G 3.0.1.4912 Cross Site Request Forgery

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt Vulnerability Type: =================== CSRF CVE Reference: ============== CVE-2015-2878 Vendor: =================== www.hexiscyber.com Product:...

7.7CVSS0.6AI score0.04175EPSS
Exploits4
Exploit DB
Exploit DB
added 2015/07/24 12:0 a.m.53 views

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery

Exploit Title: CSRF, Network Threat Appliance IDS / IPS Google Dork: intitle: CSRF Network Threat Appliance IDS / IPS Date: 2015-07-24 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com Software Link: www.hexiscyber.com/products/hawkeye-g...

8.8CVSS9AI score0.04175EPSS
Exploits4
Rows per page
Query Builder