Ipswitch WhatsUp Gold < 16.5.0 WrFreeFormText.asp sUniqueID Parameter Blind SQLi (credentialed)

According to its self-reported version number, the Ipswitch WhatsUp Gold application installed on the remote host is prior to 16.5.0. It is, therefore, affected by a SQL injection vulnerability within file WrFreeFormText.asp due to improper sanitization of user-supplied input to the 'sUniqueID'...

Ipswitch WhatsUp Gold SQL Injection Vulnerability (CNVD-2016-10073)

Ipswitch WhatsUp Gold is a suite of unified infrastructure and application monitoring software from Ipswitch USA. A SQL injection vulnerability exists in the sUniqueID parameter of the WrFreeFormText.asp script in Ipswitch WhatsUp Gold version 16.4.1, which can be exploited by remote attackers to...

CVE-2016-1000000

Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection...

CVE-2016-1000000

Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection...

Sql injection

Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection...

CVE-2016-1000000

CVE-2016-1000000 concerns a SQL injection in Ipswitch WhatsUp Gold, specifically in the web page WrFreeFormText.asp via the sUniqueID parameter (and related fields). The vulnerability is described as a Blind SQL Injection in version 16.4.1, with potential for an authenticated, remote attacker to ...

CVE-2016-1000000

Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection...

PT-2016-4489 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 16.4.1 Description: The issue is related to a Blind SQL Injection in the sUniqueID parameter of the WrFreeFormText.asp page. This allows for potential unauthorized access to database information. Recommendations:...

Ipswitch WhatsUp < 16.4 Multiple Vulnerabilities

Ipswitch WhatsUp Gold is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:progress:whatsupgold"...

Progress / Ipswitch WhatsUp Gold Detection (HTTP)

HTTP based detection of Progress / Ipswitch WhatsUp Gold. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ipswitch WS_FTP LE 12.3 SEH Overwrite

!/usr/bin/python Author: Zahid Adeel Author Email: [email protected] Title: Ipswitch WSFTP LE 12.3 - Search field SEH Overwrite POC Vendor Homepage: http://www.wsftple.com/ Software Link: http://www.wsftple.com/download.aspx Version: LE 12.3 Tested on: Windows 8.1 x64 Pro Date: 2016-05-10...

Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)

Exploit for windows platform in category dos / poc !/usr/bin/python Author: Zahid Adeel Author Email: email protected Title: Ipswitch WSFTP LE 12.3 - Search field SEH Overwrite POC Vendor Homepage: http://www.wsftple.com/ Software Link: http://www.wsftple.com/download.aspx Version: LE 12.3 Tested...

Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)

Ipswitch WSFTP LE 12.3 - Search field Overwrite SEH PoC !/usr/bin/python Author: Zahid Adeel Author Email: [email protected] Title: Ipswitch WSFTP LE 12.3 - Search field SEH Overwrite POC Vendor Homepage: http://www.wsftple.com/ Software Link: http://www.wsftple.com/download.aspx Version: L...

Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)

!/usr/bin/python Author: Zahid Adeel Author Email: [email protected] Title: Ipswitch WSFTP LE 12.3 - Search field SEH Overwrite POC Vendor Homepage: http://www.wsftple.com/ Software Link: http://www.wsftple.com/download.aspx Version: LE 12.3 Tested on: Windows 8.1 x64 Pro Date: 2016-05-10...

Ipswitch MOVEit File Transfer Cross-Site Scripting Vulnerability

Ipswitch MOVEit File Transfer formerly known as DMZ an automated file transfer system from the US company Ipswitch. A cross-site scripting vulnerability exists in Ipswitch MOVEit File Transfer 8.1 and earlier versions, which can be exploited by remote attackers to conduct cross-site scripting...

CVE-2015-7676

Ipswitch MOVEit File Transfer formerly DMZ 8.1 and earlier, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting XSS attacks by uploading HTML files...

Cross site scripting

Ipswitch MOVEit File Transfer formerly DMZ 8.1 and earlier, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting XSS attacks by uploading HTML files...

CVE-2015-7676

Ipswitch MOVEit File Transfer formerly DMZ 8.1 and earlier, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting XSS attacks by uploading HTML files...

CVE-2015-7676

CVE-2015-7676 affects Ipswitch MOVEit File Transfer (DMZ) 8.1 and earlier when configured to support file view on download. The root cause is insecure default configuration that allows uploading HTML files, enabling remote authenticated users to perform cross-site scripting (XSS) attacks. Impact ...

Ipswitch WhatsUp Professional Source Disclosure (CVE-2006-2357)

Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp...