33 matches found
EUVD-2016-5491
Malware in sbrugna...
EUVD-2016-3381
Malware in sbrugna...
Meteocontrol WEBlog Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Meteocontrol WEBlog Password Extractor', 'Description' = % This module exploits an authentication bypass vulnerability in Meteocontrol WEBLog...
CVE-2016-4504
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...
Cross site request forgery (csrf)
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...
CVE-2016-4504
CVE-2016-4504: Meteocontrol WEB’log Basic 100, Light, Pro, and Pro Unlimited (all versions) are affected by a Cross-Site Request Forgery vulnerability caused by the lack of a CSRF token on pages/functions. The vulnerability enables potential unauthorized actions on affected devices, with the ICS-...
CVE-2016-4504
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...
Meteocontrol WEBlog Password Extractor
This module exploits an authentication bypass vulnerability in Meteocontrol WEBLog appliances software version 'Meteocontrol WEBlog Password Extractor', 'Description' = % This module exploits an authentication bypass vulnerability in Meteocontrol WEBLog appliances software version 'URL',...
Meteocontrol WEB’log - Admin Password Disclosure
No description provided by source...
Meteocontrol WEB'log arbitrary command execution vulnerability
No description provided by source...
Meteocontrol WEBlog 多个越权漏洞
No description provided by source...
Meteocontrol WEB'log Detection (HTTP)
HTTP based detection of Meteocontrol WEB SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.107004";...
Meteocontrol WEB'log Admin Password Disclosure Vulnerability
Meteocontrol WEB Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it und...
Multiple Meteocontrol WEB'log Products Cross-Site Request Forgery Vulnerabilities
Meteocontrol WEB'log is a web-based SCADA system from Meteocontrol Germany that provides energy and power configuration management functions using different connected energy/industrial devices. A cross-site request forgery vulnerability exists in several Meteocontrol WEB'log products. A remote...
Meteocontrol WEBLog Password Extractor
Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log - Metasploit Auxiliary Module...
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log - Metasploit Auxiliary Module...
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
Exploit for multiple platform in category web applications Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log -...
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
Meteocontrol WEB’log - Admin Password Disclosure Metasploit Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log -...
Meteocontrol WEB'log Arbitrary Command Execution Vulnerability
Meteocontrol WEB'log is a web-based SCADA system that provides energy and power configuration management functions using different connected devices. A security vulnerability exists in the access command shell-like functionality of several Meteocontrol WEB'log products, which could be exploited b...
Meteocontrol WEB'log Information Disclosure Vulnerability (CNVD-2016-03190)
Meteocontrol WEB'log is a web-based SCADA system that provides energy and power configuration management functions using different connected devices. Several Meteocontrol WEB'log products store information in clear text, allowing remote attackers to exploit vulnerabilities to obtain sensitive...