16 matches found
EUVD-2018-13544
Malware in sbrugna...
EUVD-2008-2084
Malware in sbrugna...
EUVD-2018-13545
Malware in sbrugna...
EUVD-2018-3614
Malware in sbrugna...
Cacti 1.2.22 unauthenticated command injection
This module exploits an unauthenticated command injection vulnerability in Cacti through 1.2.22 CVE-2022-46169 in order to achieve unauthenticated remote code execution as the www-data user. The module first attempts to obtain the Cacti version to see if the target is affected. If LOCALDATAID...
SQL Injection
centreon/centreon is vulnerable to SQL injection. An attacker is able to inject and execute arbitrary SQL commands via the hostid parameter...
SQL Injection
Centreon Web is vulnerable to SQL injection. The hostid parameter in makeXMLListServices.php is directly appended to the SQL query, allowing an attacker to inject and execute arbitrary SQL script through the affected parameter...
Sql injection
imggantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the hostid parameter...
Sql injection
makeXMLListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections via the hostid parameter...
CVE-2018-21021
imggantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the hostid parameter...
CVE-2018-11589
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the...
Researchers Reverse Engineer Dropbox
Researchers have cracked open cloud storage service Dropbox, reverse engineering the encryption protecting the client in order to open it up to further security analysis. The engineers, Dhiru Kholia of Openwall and Przemyslaw Wegrzyn of CodePainters, also managed to demonstrate how to use...
Sql injection
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the hostid parameter...
CVE-2010-1301
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the hostid parameter...
CVE-2010-1301
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the hostid parameter...
CVE-2008-2087
SQL injection vulnerability in searchresult.php in Softbiz Web Host Directory Script, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hostid parameter, a different vector than CVE-2005-3817...