1027 matches found
CVE-2015-4031
Visual Mining NetCharts Server is affected by CVE-2015-4031: a directory traversal vulnerability in the development installer’s saveFile.jsp allows remote attackers to write arbitrary files. The root cause is lack of input sanitization in saveFile.jsp, enabling traversal to overwrite files and, p...
CVE-2015-4032
CVE-2015-4032 affects Visual Mining NetCharts Server, specifically projectContents.jsp in Developer tools. The documented vulnerability allows remote attackers to rename arbitrary files, enabling arbitrary code execution via unspecified vectors. This is supported by multiple sources (e.g., ZDI-15...
Visual Mining NetCharts Server Arbitrary File Upload Vulnerability
Visual Mining NetCharts Server is a set of data visualization tools. The tool supports the generation of data in the form of charts, graphs, reports, and more. An arbitrary file upload vulnerability exists in Visual Mining NetCharts Server, which allows remote attackers to exploit the vulnerabili...
(0Day) Visual Mining NetCharts Server Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Visual Mining NetChart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the development installation. The saveFile.jsp page does not properly check for...
Using scrapy crawl sebug vulnerability database-vulnerability warning-the black bar safety net
! Due to the project need to grab the sebug of the vulnerability database content, using the scrapy framework simple has written a gripping sebug the crawler, and stored in a database, mysql or mongodb, here to mysql, for example. About scrapy Scrapy, Python, development of a quick,high-level...
BEWARE! μTorrent Silently Installing Bitcoin Mining Software
If you have recently installed or updated the popular BitTorrent client μTorrent 3.4.2 Build 28913 on your computer, then you read this warning post right now. Users of the μTorrent file-sharing service are complaining that the latest update of software used for torrent downloading is silently...
Fortinet FortiAuthenticator Directory Traversal Vulnerability
Fortinet FortiAuthenticator is a series of secure authentication solutions that identify and interface with FortiToken™ two-factor authentication tokens for secure remote access. A directory traversal vulnerability in Fortinet FortiAuthenticator 3.0.0 allows a local user to read arbitrary files v...
Majority of 4G USB Modems, SIM Cards Exploitable
Researchers say 4G USB modems contain exploitable vulnerabilities through which attackers could, and researchers have, managed to gain full control of the machines to which the devices are connected. Researchers from Positive Technologies presented a briefing detailing how to compromise USB modem...
Visual Mining NetCharts Server Arbitrary File Upload
The Visual Mining NetCharts Server web interface installed on the remote web server is affected by a file upload vulnerability due to a built-in hidden account. An unauthenticated, remote attacker can exploit this issue to upload files with arbitrary code and then execute them on the remote host...
Visual Mining NetCharts Server Default Credentials (Web UI)
It is possible to log into the remote Visual Mining NetCharts Server installation by providing the default credentials. A remote, unauthenticated attacker can exploit this to gain administrative control. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Visual Mining NetCharts Server Web UI Detection
Binary data visualminingnetchartsserverwebdetect.nbin...
Visual Mining NetCharts Server File Upload Directory Traversal
A directory traversal vulnerability has been reported in Visual Mining NetCharts Server. The vulnerability is due to insufficient validation of file paths during the upload process. A remote attacker can exploit this vulnerability to execute arbitrary code on the affected system by uploading...
Visual Mining NetCharts Server Remote Code Execution
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
Web Application Protection - Tool to detect and correct vulnerabilities in PHP web applications
WAP 2.0 is a source code static analysis and data mining tool to detect and correct input validation vulnerabilities in web applications written in PHP version 4.0 or higher and with a low rate of false positives. WAP detects and corrects the following vulnerabilities: SQL Injection SQLI Cross-si...
Visual Mining NetCharts Server - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Visual Mining NetCharts Server Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities in Visual...
Visual Mining NetCharts Server Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Visual Mining NetCharts Server Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities in Visual...
Visual Mining NetCharts Server Remote Code Execution
This module exploits multiple vulnerabilities in Visual Mining NetCharts. First, a lack of input validation in the administration console permits arbitrary jsp code upload to locations accessible later through the web service. Authentication is typically required, however a 'hidden' user is...
(0Day) Visual Mining NetCharts Server File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Visual Mining NetCharts Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of file uploads. The issue lies in the failure to sanitize...
UBUNTU-CVE-2014-6251
Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request...
HashCat Introduction: Break That Hash
When the Bitcoin mining craze hit its peak, people felt the tug to join this new community and make some easy money. The Concepts behind Bitcoin mining intrigued me, in particular the new use of graphics processors GPUs. With a moderately expensive video card, you could bring in enough money to p...