Design/Logic Flaw

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012...

CVE-2014-7999

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565...

CVE-2014-7993

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012...

CVE-2014-7994

CVE-2014-7994 affects Cisco Meraki MS, MR, and MX devices with firmware prior to 2014-09-24. An attacker who knows a cross-device secret and a per-device secret can trigger arbitrary commands by sending a request to an unspecified HTTP handler on the local network. Root cause: flawed authenticati...

CVE-2014-7993

Cisco Meraki HTTP Handler Local Information Disclosure vulnerability (CVE-2014-7993) affects Cisco Meraki MS, MR, and MX devices with firmware prior to 2014-09-24. An HTTP handler that does not require requests to originate from the Meraki cloud allows LAN-adjacent attackers to obtain sensitive c...

Cisco Meraki HTTP Handler Local Information Disclosure Vulnerability

A vulnerability in an HTTP handler in Cisco Meraki firmware occurs because the handler does not require requests to come only from the Meraki cloud. This vulnerability could allow a LAN-based attacker to obtain sensitive credential information. An unauthenticated, remote attacker on an adjacent...

HttpCombiner ASP.NET - Remote File Disclosure Vulnerability

No description provided by source. Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...

HttpCombiner ASP.NET - Remote File Disclosure Vulnerability

Exploit for asp platform in category web applications Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...

HttpCombiner ASP.NET - Remote File Disclosure

HttpCombiner ASP.NET - Remote File Disclosure Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...

Reflective DLL Injection, Reverse Hop HTTP/HTTPS Stager

Inject a DLL via a reflective loader. Tunnel communication over an HTTP or HTTPS hop point. Note that you must first upload data/hop/hop.php to the PHP server you wish to use as a hop. This module requires Metasploit: https://metasploit.com/download Current source:...

Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the CasLogDirectInsert.aspx...

FreeBSD Ports: mplayer, mplayer-gtk, mplayer-esound, mplayer-gtk-esound

The remote host is missing an update to the system as announced in the referenced advisory. VID 5e7f58c3-b3f8-4258-aeb8-795e5e940ff8 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...