61 matches found
Path Traversal - Archiving Files to Zip
Description The Tiny File Manager pack files feature is vulnerable to path traversal, which allows an attacker to access files that reside outside the web document root directory. The vulnerability occurs as the "file" parameter is not sanitized properly, thus allowing a malicious user to input...
CVE-2021-35218 Chart Endpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server...
Cisco Firepower Device Manager Web Interface Detection
Binary data ciscofirepowerdevicemanagerwebuidetect.nbin...
Cross-site Scripting Vulnerability in JP1/Performance Management - Manager [Web Console]
Overview A Cross-site Scripting Vulnerability was found in JP1/Performance Management - Manager Web Console. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...
CVE-2020-2637
Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager component: Change Manager - web based. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access vi...
Cisco Unified Communications Manager WEB Interface SQL Injection Vulnerability
Cisco Unified Communications Manager is a unified communications solution. A SQL injection vulnerability exists in the Cisco Unified Communications Manager WEB interface, which could be exploited by remote attackers to submit a specially crafted SQL request to manipulate a database, obtain...
The vulnerability of the Cisco Unified Communications Manager web framework allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Cisco Unified Communications Manager web framework is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information through a specially created...
Micro Focus Content Manager File Upload Vulnerability
Micro Focus Content Manager is an electronic document and records management system. A file upload vulnerability exists in the Web client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. An attacker could exploit this vulnerability ...
CVE-2018-13998
ClipperCMS 1.3.3 has stored XSS via the Full Name field of 1 Security - Manager Users or 2 Security - Web Users...
Unrestricted file upload
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...
Cisco Remote Expert Manager Temporary File Information Disclosure Vulnerability
Cisco Remote Expert Manager Software is the United States Cisco Cisco a remote management software. The software remote screen sharing, screen annotation and session recording and other collaborative functions. Cisco Remote Expert Manager Software has a temporary file information disclosure...
CVE-2016-3028
IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access Manager 9.0 before 9.0.1.0 IF5 allow remote authenticated users to execute arbitrary commands by leveraging LMI admin access...
Easily using Vulnerability CVE-2 0 1 6-4 5 0 2 ranged attack power plants-vulnerability warning-the black bar safety net
! Repair hopeless? You can only deactivate the function or replace the device! Recently,without a patch the vulnerability, CVE-2 0 1 6-4 5 0 2 be found use in industrial control systems,has now been found that power plants use industrial control system may be severely affected,contrive evil...
SolarWinds Storage Resource Monitor Profiler Module HostStorageServlet SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the HostStorageServlet servlet in th...
SolarWinds Storage Resource Monitor Profiler Module HostStorageServlet SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the HostStorageServlet servlet in th...
SolarWinds Storage Resource Monitor Profiler Module XiotechMonitorServlet SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the XiotechMonitorServlet servlet in...
SolarWinds Storage Resource Monitor Profiler Module BackupAssociationServlet SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the BackupAssociationServlet servlet...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Oracle Application Testing Suite Test Manager for Web Apps Component (CNVD-2016-00668)
Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Oracle Application Testing Suite Test Manager for Web Apps component of Oracle Enterprise Manager Grid Control allows remote attackers to exploit the vulnerability to...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Oracle Application Testing Suite Test Manager for Web Apps Component (CNVD-2016-00704)
Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Oracle Application Testing Suite Test Manager for Web Apps component of Oracle Enterprise Manager Grid Control allows remote attackers to exploit the vulnerability to...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Oracle Application Testing Suite Test Manager for Web Apps Component
Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified security vulnerability in the Oracle Application Testing Suite Test Manager for Web Apps component of Oracle Enterprise Manager Grid Control allows remote attackers to exploit the...