Lucene search
K

258 matches found

cnvd
cnvd
added 2017/12/25 12:0 a.m.5 views

ServersCheck Monitoring Software Cross-Site Scripting Vulnerability

ServersCheck Monitoring Software is a suite of browser-based network inspection tools from ServersCheck Belgium. The tool monitors, reports, and provides early warning of problems with system performance and reliability. A cross-site scripting vulnerability exists in ServersCheck Monitoring...

5.4CVSS6.4AI score0.00707EPSS
Exploits2References1
cvelist
cvelist
added 2017/12/22 6:0 p.m.20 views

CVE-2017-17832

ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settingsSMSALERTTYPE parameter, and JavaScript can be executed on settings-save.html the Settings - SMS Alerts page...

5.3AI score0.00707EPSS
Exploits2References2
cve
cve
added 2017/12/22 6:0 p.m.51 views

CVE-2017-17832

ServersCheck Monitoring Software prior to 14.2.3 is affected by a cross-site scripting (XSS) vulnerability. The issue arises because user-supplied data passed in the settings_SMS_ALERT_TYPE parameter is not validated/sanitized, allowing JavaScript to be executed on the Settings - SMS Alerts page ...

5.4CVSS5.2AI score0.00707EPSS
Exploits2References2Affected Software1
bdu_fstec
bdu_fstec
added 2017/09/15 12:0 a.m.7 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in its authentication procedures’ flaws, which allow a malicious actor to execute arbitrary code.

The vulnerability of the Advantech WebAccess remote monitoring software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created requests...

7.5CVSS8.3AI score0.04831EPSS
Exploits0References3Affected Software1
myhack58
myhack58
added 2017/09/09 12:0 a.m.61 views

Microsoft windows the latest kernel has a vulnerability bug flaws: pass to kill all Windows version-bug warning-the black bar safety net

enSilo the research staff of the invention, a Microsoft kernel flaws, onslaught can take to bypass the anti-virus system and loaded vicious thoughts software. The flaws exist in the PsSetLoadImageNotifyRoutine, affects Windows 2000 to Windows 10 all editions. ! Microsoft in Windows 2000 to enable...

0.7AI score
Exploits0
fedora
fedora
added 2017/07/03 3:21 a.m.44 views

[SECURITY] Fedora 25 Update: zabbix-3.0.9-1.fc25

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechan ism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

8.1CVSS1.5AI score0.261EPSS
Exploits24
cnvd
cnvd
added 2017/06/27 12:0 a.m.6 views

ntopng HTTP Response Splitting Vulnerability

NTOPNG is the next generation version of NTOP, computer software for monitoring traffic on a computer network. A split vulnerability exists in the ntopng HTTP response, which can be exploited by an attacker to have an impact on the integrity of the data...

7.5CVSS6.9AI score0.00866EPSS
Exploits0References1
osv
osv
added 2017/04/11 6:59 p.m.15 views

CVE-2017-6088

Multiple SQL injection vulnerabilities in EyesOfNetwork aka EON 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 bpname, 2 display, 3 search, or 4 equipment parameter to module/monitoringged/gedfunctions.php or the 5 type parameter to...

7.2CVSS8.3AI score0.05835EPSS
Exploits6References4
bdu_fstec
bdu_fstec
added 2016/07/19 12:0 a.m.6 views

The software of the Advantech WebAccess remote monitoring system is vulnerable, allowing a intruder to obtain confidential information or alter data.

The vulnerability of Advantech WebAccess remote monitoring software is related to errors in the code. Exploiting this vulnerability can allow a local attacker to obtain confidential information or alter data...

3.3CVSS6.6AI score0.00449EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2016/02/12 12:0 a.m.9 views

The vulnerabilities of the Advantech WebAccess remote monitoring software allow a intruder to execute arbitrary code.

The multiple vulnerabilities of the Advantech WebAccess remote monitoring software are caused by buffer overflow on the stack. Exploitation of these vulnerabilities could allow a malicious actor operating remotely to execute arbitrary code...

10CVSS8.5AI score0.16655EPSS
Exploits9References2Affected Software1
bdu_fstec
bdu_fstec
added 2016/02/12 12:0 a.m.10 views

The vulnerabilities of the Advantech WebAccess remote monitoring software allow a intruder to execute arbitrary code.

The multiple vulnerabilities of the Advantech WebAccess remote monitoring software are caused by a buffer overflow in the dynamic memory. Exploiting these vulnerabilities allows a malicious actor operating remotely to execute arbitrary code...

10CVSS8.6AI score0.28185EPSS
Exploits0References2Affected Software1
packetstorm
packetstorm
added 2015/12/08 12:0 a.m.38 views

Cyclope Employee Surveillance 8.6.1 Insecure File Permissions

Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link: http://www.cyclope-series.com/setups/setup.exe Software descriptio...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2015/12/06 12:0 a.m.21 views

Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions

Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...

0.1AI score
Exploits0
packetstorm
packetstorm
added 2015/08/22 12:0 a.m.37 views

up.time 7.5.0 Cross Site Request Forgery / Cross Site Scripting

up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application allows users to perform certain actions via HTTP...

0.3AI score
Exploits0
packetstorm
packetstorm
added 2015/08/22 12:0 a.m.30 views

up.time 7.5.0 Arbitrary File Disclose / Delete

up.time 7.5.0 Arbitrary File Disclose And Delete Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: Input passed to the 'filename' parameter in 'get2post.php'...

0.3AI score
Exploits0
zdt
zdt
added 2015/08/20 12:0 a.m.30 views

up.time 7.5.0 XSS And CSRF Add Admin Exploit

Exploit for php platform in category web applications up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/08/19 12:0 a.m.20 views

up.time 7.5.0 - Upload and Execute

up.time 7.5.0 - Upload and Execute up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers from arbitrary...

7.4AI score
Exploits0
zeroscience
zeroscience
added 2015/08/19 12:0 a.m.38 views

up.time 7.5.0 XSS And CSRF Add Admin Exploit

Summary The next-generation of IT monitoring software. Description The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-i...

6AI score
Exploits0
exploitdb
exploitdb
added 2015/08/19 12:0 a.m.29 views

up.time 7.5.0 - Superadmin Privilege Escalation

input...

7.4AI score
Exploits0
zeroscience
zeroscience
added 2015/08/19 12:0 a.m.29 views

up.time 7.5.0 Arbitrary File Disclose And Delete Exploit

Summary The next-generation of IT monitoring software. Description Input passed to the 'filename' parameter in 'get2post.php' script is not properly sanitised before being used to get the contents of a resource and delete files. This can be exploited to read and delete arbitrary data from local...

5.9AI score
Exploits0
Rows per page
Query Builder