Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Metasploit
Metasploitadded 2021/04/01 5:42 p.m.53 views

SaltStack Salt API Unauthenticated RCE through wheel_async client

This module leverages an authentication bypass and directory traversal vulnerabilities in Saltstack Salt's REST API to execute commands remotely on the master as the root user. Every 60 seconds, salt-master service performs a maintenance process check that reloads and executes all the grains on t...

9.8CVSS9.7AI score0.93846EPSS
Exploits6
Packet Storm
Packet Stormadded 2021/04/01 12:0 a.m.951 views

SaltStack Salt API Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt API Unauthenticated RCE through wheelasync client', 'Description' = %q This module leverages an authentication bypass and director...

7.5CVSS0.5AI score0.93846EPSS
Exploits6
securityvulns
securityvulnsadded 2012/09/03 12:0 a.m.46 views

DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting

DataWatch Monarch BI v5.1 admin section stored cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: DataWatch Monarch BI v5.1 DataWatch's Monarch BI admin section is prone to a stored...

0.3AI score
Exploits0
Rows per page
Query Builder