Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7991

Malware in sbrugna...

7.5CVSS7.5AI score0.04661EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.5 views

PT-2025-31532 · Undefined · Undefined

An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary paths via a crafted filename parameter in a multipart/form-data POST request. Due to the lack of authentication and...

9.3CVSS8.3AI score0.01838EPSS
Exploits0References5
Prion
Prion
added 2019/10/28 8:15 p.m.11 views

Command injection

Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution RCE. The remote process execution is bound to the IUSR...

5CVSS8.1AI score0.04661EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2018/05/18 12:0 a.m.35 views

Advantech WebAccess Node Product Installation File Access Control Modification Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the access...

7.2CVSS5AI score0.00362EPSS
Exploits0References1
Prion
Prion
added 2018/03/08 8:29 p.m.18 views

Design/Logic Flaw

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacke...

7.2CVSS8AI score0.00599EPSS
Exploits3References2Affected Software1
OSV
OSV
added 2018/03/08 8:29 p.m.3 views

CVE-2018-5313

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacke...

7.8CVSS6.1AI score0.00599EPSS
Exploits3References2
Cvelist
Cvelist
added 2018/03/08 8:0 p.m.21 views

CVE-2018-5313

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacke...

7.9AI score0.00599EPSS
Exploits3References2
0day.today
0day.today
added 2018/03/07 12:0 a.m.81 views

Rapid Scada 5.5.0 Insecure Permissions Vulnerability

Exploit for windows platform in category local exploits Rapid Scada - 5.5.0 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: icacls SCADA SCADA BUILTIN\Administrators:IF BUILTIN\Administrators:IOICIIOF NT AUTHORITY\SYSTEM:IF NT...

7.2CVSS7.4AI score0.00599EPSS
Exploits3
Zero Day Initiative
Zero Day Initiative
added 2017/09/15 12:0 a.m.24 views

Trend Micro Mobile Security for Enterprise upload_wallpaper_file Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the uploadwallpaperfile action. The issue...

6.5CVSS3.2AI score0.10931EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/09/15 12:0 a.m.24 views

Trend Micro Mobile Security for Enterprise upload_font_file Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the uploadfontfile action. The issue results...

6.5CVSS3.2AI score0.10931EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/07/31 12:0 a.m.34 views

Trend Micro Control Manager cmdHandlerFileHandling Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within cmdHandlerFileHandling.dll. The issue results from the lack of proper...

6.8CVSS4.9AI score0.27446EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.48 views

Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetold's modDLPViolationCntdrildown.php script. The issue lies in the...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.18 views

Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widget's modDLPTemplateMatchdrildown.php script. The issue lies in the lac...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.67 views

Trend Micro Control Manager download Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widget's download.php script. The issue lies in the lack of proper...

4.3CVSS3.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.27 views

Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetold's modDLPTemplateMatchdrildown.php script. The issue lies in the...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.18 views

Trend Micro Control Manager download Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetsnew's download.php script. The issue lies in the lack of...

4.3CVSS3.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.39 views

Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widget's importFile.php script. The issue lies in the lack of proper...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.17 views

Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetoldSP1's modDLPViolationCntdrildown.php script. The issue lies in th...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.20 views

Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the importFile.php script. The issue lies in the failure to properly...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/02/07 12:0 a.m.29 views

Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetoldSP1's modDLPTemplateMatchdrildown.php script. The issue lies in t...

6.8CVSS7.5AI score
Exploits0References1
Rows per page
Query Builder