SQL Injection Vulnerability in Flash Flood Monitoring and Early Warning Platform of Fujian SiChuang Software Co.

Fujian SiChuang Software Co., Ltd. flash flood disaster monitoring and early warning platform is mainly for flood control command system, flash flood disaster early warning system and other products, has been widely used in the Ministry of Water Resources Basin Committee and the provinces and...

SQL Injection Vulnerability in Fuzhou Tranda Special Equipment Safety Monitoring System

Fuzhou Chuangda special equipment safety monitoring system using B / S structure, the use of J2EE for development, the system can run on any operating system platform, running into the server and client operation, the server runs the corresponding WEB APPLICATION services such as: TOMCAT, JBOSS,...

SG8000 large rotating machine monitoring system Alarm SMS module /sg8k_sms information disclosure

No description provided by source...

SG8000 large rotating machine monitoring system /app/sg8k_rs/config/defaultuser.xml the system Super administrator account password information disclosure

No description provided by source...

S8000 rotating machinery online condition monitoring and analysis system /default. asp parameter username injection vulnerability

No description provided by source...

GE Bently Nevada 3500/22M Improper Authorization Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on September 8, 2016, and is being released to the NCCIC/ICS-CERT web site. GE has identified an improper authorization vulnerability in the GE Bently Nevada 3500/22M monitoring system. GE has produced a new firmwar...

Through the NVD vulnerability database to see recent vulnerability trends-vulnerability warning-the black bar safety net

2 0 1 6 years has been in the past less than half it's time over the past few years, the vulnerability analysis. The present article will be on the NVD vulnerability database over the last 5 years vulnerability analysis, look at the vulnerability of the development trend is like. Why the choice o...

[SECURITY] [DLA 278-1] cacti security update

Package : cacti Version : 0.8.7g-1+squeeze7 CVE ID : CVE-2015-4634 Debian Bug : NA Several SQL injection vulnerabilities were discovered in cacti, a frontend to rrdtool for monitoring systems and service: CVE-2015-4634 SQL injection vulnerability in Cacti before 0.8.8e allows remote attackers to...

Hacking Team Promises to Rebuild RCS

The aftermath of the Hacking Team attack raised legitimate questions about the controversial Italian surveillance software vendor’s long-term viability. With reams of sensitive internal data and intellectual property posted online, how could the company survive? For now, however, the company seem...

Pandora FMS Authentication Bypass Vulnerability

Pandora FMS Flexible Monitoring System is a monitoring system from the Pandora FMS team. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. An authentication bypass vulnerability exists in Pandora FMS. An attacker can exploit this vulnerability to...

Debian Security Advisory DSA 3295-1 (cacti - security update)

Several vulnerabilities cross-site scripting and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems. OpenVAS Vulnerability Test $Id: deb3295.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3295-1 using nvtgen 1.0 Script...

Sinapsi eSolar Light Plaintext Password Disclosure Vulnerability

Sinapsi eSolar Light is a monitoring system for use within solar applications from the Italian company Sinapsi. A security vulnerability in Sinapsi eSolar Light allows a remote attacker to read the HTML source code in the mail-configuration page to obtain a clear-text password and use it for...

Opsview <= 4.6.2 - Multiple XSS Vulnerabilities

Exploit for php platform in category web applications Exploit title: Opsview 4.6.2 - Multiple XSS Date: 07-06-2015 Vendor homepage: www.opsview.com Version: 4.6.2 CVE: CVE-2015-4420 Author: Dolev Farhi @dolevf Tested On: Kali Linux + Windows 7 Details: -------- Opsview is a monitoring system base...

Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities

Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities Exploit title: Opsview 4.6.2 - Multiple XSS Date: 07-06-2015 Vendor homepage: www.opsview.com Version: 4.6.2 CVE: CVE-2015-4420 Author: Dolev Farhi @dolevf Tested On: Kali Linux + Windows 7 Details: -------- Opsview is a monitoring...

SQL Injection Vulnerability in Special Equipment Safety Monitoring System of Fuzhou Development Zone Chuangda Electronics Co.

Fuzhou Development Zone Chuangda Electronics Co., Ltd. special equipment safety monitoring system is a set of safety monitoring system for regulating elevators and other special equipment. Fuzhou Development Zone, Chuangda Electronics Co., Ltd. special equipment safety monitoring system there are...

The SS7 network to save significant vulnerability that everyone can monitor mobile phones-vulnerability warning-the black bar safety net

Recently, German researchers found that the mobile security vulnerabilities these vulnerabilities enable hackers, spies and criminals take advantage of, you can large-scale wiretapping of private telephone and steal a mobile phone short message, even if the mobile phone network using the current...

ntopng 1.2.0 XSS injection using monitored network traffic

ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to...

ntopng 1.2.0 - Cross-Site Scripting Injection

ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to...

Distributed Packet Monitoring System: Packetbeat

Packetbeat is a distributed packet monitoring system that can be used for application performance management. Think of it like a distributed real-time Wireshark with a lot more analytics features. Agents sniff the traffic between your application processes, parse on the fly protocols like HTTP,...

Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS Vulnerability

Cross-site scripting XSS vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device. Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system Date: 12/05/2014 Exploit author: Dolev Farhi dolevatopenflare.org...