Lucene search
K

97 matches found

exploitpack
exploitpack
added 2015/03/04 12:0 a.m.37 views

SolarWinds Orion Service - SQL Injection

SolarWinds Orion Service - SQL Injection I found a couple SQL injection vulnerabilities in the core Orion service used in most of the Solarwinds products SAM, IPAM, NPM, NCM, etc…. This service provides a consistent configuration and authentication layer across the products. To be exact, the...

7.5CVSS0.4AI score0.47749EPSS
Exploits8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Ip Reg 0.3 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/04/08 12:0 a.m.317 views

Nixu NameSurfer多个安全漏洞

CVE ID:CVE-2014-0060、CVE-2014-0061、CVE-2014-0062、CVE-2014-0063、CVE-2014-0064、CVE-2014-0065、CVE-2014-0066 Nixu NameSurfer是一个实现集中地址管理覆盖的IPAM软件应用解决方案。 Nixu NameSurfer存在多个安全漏洞: 1,部分输入在使用之前缺少过滤,允许攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 2,解析XML实体时存在错误,允许攻击者利用特制的包含外部实体引用的XML文档来获取本地资源数据或消耗服务器资源。...

6.5CVSS0.2AI score0.06666EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2012/12/31 12:0 a.m.4 views

SolarWinds Orion IPAM Reflected Cross-site Scripting (CVE-2012-4939)

A reflected cross-site scripting vulnerability exists in SolarWinds Orion IPAM. The vulnerability is due to insufficient sanitization of user-supplied input, which is echoed back to the user. A remote attacker could exploit this vulnerability by enticing an authenticated user to follow a crafted...

4.3CVSS5.7AI score0.07171EPSS
Exploits2
Prion
Prion
added 2012/10/31 7:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field...

4.3CVSS6.2AI score0.07171EPSS
Exploits2References1Affected Software2
Cvelist
Cvelist
added 2012/10/31 7:0 p.m.20 views

CVE-2012-4939

Cross-site scripting XSS vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field...

5.7AI score0.07171EPSS
Exploits2References1
CVE
CVE
added 2012/10/31 7:0 p.m.71 views

CVE-2012-4939

SolarWinds Orion IPAM IPAMSummaryView.aspx is affected by a reflected XSS in the IPAM web interface prior to 3.0–HotFix1. An attacker can inject script via the "Search for an IP address" field, which could execute in a logged-in user’s browser and potentially lead to information leakage or creden...

4.3CVSS5.8AI score0.07171EPSS
Exploits2References1Affected Software2
Exploit DB
Exploit DB
added 2012/10/31 12:0 a.m.35 views

SolarWinds Orion IP Address Manager (IPAM) - 'search.aspx' Cross-Site Scripting

source: https://www.securityfocus.com/bid/56342/info SolarWinds Orion IP Address Manager IPAM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
CERT
CERT
added 2012/10/31 12:0 a.m.22 views

SolarWinds Orion IPAM web interface reflected xss vulnerability

Overview SolarWinds Orion IPAM web interface contains a reflected cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'SolarWinds Orion IPAM web interface contains a reflected cross-site scripting vulnerability. ...

4.3CVSS6.2AI score0.07171EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2009/10/22 12:0 a.m.49 views

Infoblox IPAM Appliance Default Credentials

The remote host appears to be running Infoblox IPAM appliance. Nessus was able to log into the remote web console using default credentials. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid42212; scriptversion"1.12...

5.5AI score
Exploits0References1
seebug.org
seebug.org
added 2007/12/23 12:0 a.m.25 views

Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/22 12:0 a.m.28 views

IP Reg 0.3 - Multiple SQL Injections

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Multiple...

7AI score
Exploits0
0day.today
0day.today
added 2007/12/22 12:0 a.m.21 views

Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities ======================================================== --------------------------------------------------------------- / | ...

7.1AI score
Exploits0
Prion
Prion
added 2007/08/08 10:17 p.m.13 views

Directory traversal

Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 Adonis DNS/DHCP appliance 5.0.2.8 allows remote authenticated administrators, with certain TFTP privileges, to create and overwrite arbitrary files via a .. dot dot in a pathname. NOTE: this can be leveraged...

7.1CVSS6.9AI score0.03767EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2007/08/08 10:0 p.m.19 views

CVE-2007-4226

Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 Adonis DNS/DHCP appliance 5.0.2.8 allows remote authenticated administrators, with certain TFTP privileges, to create and overwrite arbitrary files via a .. dot dot in a pathname. NOTE: this can be leveraged...

6.4AI score0.03767EPSS
Exploits1References9
CVE
CVE
added 2007/08/08 10:0 p.m.41 views

CVE-2007-4226

CVE-2007-4226 describes a directory traversal in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 (Adonis DNS/DHCP appliance 5.0.2.8). The vulnerability allows remote authenticated administrators with certain TFTP privileges to create and overwrite arbitrary files through a .. in a pathname, w...

7.1CVSS6.4AI score0.03767EPSS
Exploits1References9Affected Software1
securityvulns
securityvulns
added 2007/08/07 12:0 a.m.107 views

TS-2007-002-0: BlueCat Networks Adonis root Privilege Access

Template Security Security Advisory ----------------------------------- BlueCat Networks Adonis root Privilege Access Date: 2007-08-06 Advisory ID: TS-2007-002-0 Vendor: BlueCat Networks, http://www.bluecatnetworks.com/ Revision: 0 Contents -------- Summary Software Version Details Impact Exploit...

0.2AI score
Exploits0
Rows per page
Query Builder