36 matches found
EUVD-2020-5637
Malware in sbrugna...
EUVD-2020-5636
Malware in sbrugna...
EUVD-2018-10575
Malware in sbrugna...
CVE-2020-13377
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files...
CVE-2020-13377
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files...
CVE-2020-13377
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files...
CVE-2020-13378
Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...
CVE-2020-13378
Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...
Command injection
Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...
CVE-2020-13378
Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...
CVE-2020-13378
Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...
CVE-2020-13377
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files...
CVE-2020-13377
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files...
PT-2023-11473 · Loadbalancer.Org · Loadbalancer.Org Enterprise Va Max
Name of the Vulnerable Software and Affected Versions: Loadbalancer.org Enterprise VA MAX versions 8.3.8 and earlier Description: The issue allows a remote authenticated attacker to execute arbitrary code due to an OS Command Injection vulnerability. Recommendations: For versions 8.3.8 and earlie...
CVE-2020-13378
CVE-2020-13378 affects Loadbalancer.org Enterprise VA MAX up to version 8.3.8. The issue is an OS command injection in the appliance that could allow a remote authenticated attacker to execute arbitrary code. CVSS v3.1 base score 8.8 (HIGH) with network access, low attack complexity, and privileg...
CVE-2020-13377
Summary: CVE-2020-13377 affects Loadbalancer.org Enterprise VA MAX (up to version 8.3.8). The web-services interface is vulnerable to a directory traversal flaw that an authenticated, remote, low-privileged attacker can exploit to read and write sensitive files. What’s affected: Loadbalancer.org ...
loadbalancer.org Improper Access Control vulnerability OBB-2223835
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2018-18864
Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...
Design/Logic Flaw
Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...
CVE-2018-18864
Loadbalancer.org Enterprise VA MAX before 8.3.3 is affected by an Unauthenticated Stored XSS in the Apache logs. The PacktStorm entry details two vulnerability paths: (1) input from Basic Auth username stored in the Apache Error Log (HTTPS only), and (2) injected JavaScript via URLs (/?) stored i...