33 matches found
EUVD-2016-3381
Malware in sbrugna...
EUVD-2016-5491
Malware in sbrugna...
Meteocontrol WEBlog Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Meteocontrol WEBlog Password Extractor', 'Description' = % This module exploits an authentication bypass vulnerability in Meteocontrol WEBLog...
Cross site request forgery (csrf)
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...
CVE-2016-4504
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...
CVE-2016-4504
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...
CVE-2016-4504
CVE-2016-4504: Meteocontrol WEB’log Basic 100, Light, Pro, and Pro Unlimited (all versions) are affected by a Cross-Site Request Forgery vulnerability caused by the lack of a CSRF token on pages/functions. The vulnerability enables potential unauthorized actions on affected devices, with the ICS-...
Meteocontrol WEBlog Password Extractor
This module exploits an authentication bypass vulnerability in Meteocontrol WEBLog appliances software version 'Meteocontrol WEBlog Password Extractor', 'Description' = % This module exploits an authentication bypass vulnerability in Meteocontrol WEBLog appliances software version 'URL',...
Meteocontrol WEB’log - Admin Password Disclosure
No description provided by source...
Meteocontrol WEB'log arbitrary command execution vulnerability
No description provided by source...
Meteocontrol WEBlog 多个越权漏洞
No description provided by source...
Meteocontrol WEB'log Admin Password Disclosure Vulnerability
Meteocontrol WEB Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it und...
Meteocontrol WEB'log Detection (HTTP)
HTTP based detection of Meteocontrol WEB SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.107004";...
Multiple Meteocontrol WEB'log Products Cross-Site Request Forgery Vulnerabilities
Meteocontrol WEB'log is a web-based SCADA system from Meteocontrol Germany that provides energy and power configuration management functions using different connected energy/industrial devices. A cross-site request forgery vulnerability exists in several Meteocontrol WEB'log products. A remote...
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
Exploit for multiple platform in category web applications Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log -...
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
Meteocontrol WEB’log - Admin Password Disclosure Metasploit Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log -...
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log - Metasploit Auxiliary Module...
Meteocontrol WEBLog Password Extractor
Exploit Title: Meteocontrol WEB'log - Extract Admin password Discovered by: Karn Ganeshen Vendor Homepage: http://www.meteocontrol.com/en/ Versions Reported: All Meteocontrol WEB'log versions CVE-ID: CVE-2016-2296 Meteocontrol WEB'log - Metasploit Auxiliary Module...
Meteocontrol WEB'log Information Disclosure Vulnerability
Meteocontrol WEB'log is a web-based SCADA system that provides energy and power configuration management functions using different connected devices. An information disclosure vulnerability exists in multiple Meteocontrol WEB'log products that could be exploited by an unauthorized attacker to gai...
Meteocontrol WEB'log Information Disclosure Vulnerability (CNVD-2016-03190)
Meteocontrol WEB'log is a web-based SCADA system that provides energy and power configuration management functions using different connected devices. Several Meteocontrol WEB'log products store information in clear text, allowing remote attackers to exploit vulnerabilities to obtain sensitive...