Lucene search
+L

70 matches found

Positive Technologies
Positive Technologies
added 2024/01/19 12:0 a.m.10 views

PT-2024-15774 · Monitorr · Monitorr

Name of the Vulnerable Software and Affected Versions: Monitorr version 1.7.6m Description: A critical vulnerability was found in Monitorr, affecting an unknown functionality of the file /assets/php/upload.php in the Services Configuration component. The manipulation of the fileToUpload argument...

6.7AI score
Exploits7References6
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.7 views

Number withdrawn

Monitorr is Monitorr open source a web front-end . It is used to display the status of any web application or service in real time. This CVE number has been withdrawn...

6.8AI score
Exploits7References4
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.255 views

Monitorr 1.7.6 Cross Site Scripting

Exploit Title: Monitorr v1.7.6 - Cross Site Scripting CVE: CVE-2023-26776 Exploit Author: Achuth V P retrymp3 Date: February 09, 2023 Vendor Homepage: https://github.com/Monitorr/ Software Link: https://github.com/Monitorr/Monitorr Tested on: Ubuntu Version: v1.7.6 Exploit Description: Cross Site...

6.5AI score0.01179EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2023/04/04 3:15 p.m.5 views

CVE-2023-26775

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the assets/php/upload.php endpoint...

7.8CVSS7.4AI score0.49367EPSS
Exploits0References6
NVD
NVD
added 2023/04/04 3:15 p.m.15 views

CVE-2023-26775

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the assets/php/upload.php endpoint...

7.8CVSS7.7AI score0.49367EPSS
Exploits0References5
NVD
NVD
added 2023/04/04 3:15 p.m.12 views

CVE-2023-26776

Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the postreceiver-services.php file...

6.1CVSS6.4AI score0.01179EPSS
Exploits1References5
Prion
Prion
added 2023/04/04 3:15 p.m.13 views

Cross site scripting

Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the postreceiver-services.php file...

5.8CVSS6.4AI score0.01179EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2023/04/04 3:15 p.m.20 views

Unrestricted file upload

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the assets/php/upload.php endpoint...

4.4CVSS7.7AI score0.49367EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.6 views

PT-2023-20790 · Monitorr · Monitorr

Name of the Vulnerable Software and Affected Versions: Monitorr version 1.7.6 Description: A remote attacker can execute arbitrary code via a crafted file upload to the "assets/php/upload.php" endpoint. This allows for the potential execution of malicious code on the affected system...

7.8CVSS7.7AI score0.49367EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2023/04/04 12:0 a.m.5 views

CVE-2023-26776

Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the postreceiver-services.php file...

7.2AI score0.01179EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/04/04 12:0 a.m.18 views

CVE-2023-26775

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the assets/php/upload.php endpoint...

7.8AI score0.49367EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.7 views

PT-2023-20791 · Monitorr · Monitorr

Name of the Vulnerable Software and Affected Versions: Monitorr version 1.7.6 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the title parameter of the "post receiver-services.php" file. This enables the attacker to inject malicious scripts into t...

6.1CVSS6.5AI score0.01179EPSS
Exploits1References9
CVE
CVE
added 2023/04/04 12:0 a.m.143 views

CVE-2023-26776

CVE-2023-26776 affects Monitorr v1.7.6. It is a Cross Site Scripting vulnerability in the post_receiver-services.php title parameter that can let a remote attacker execute arbitrary code. The exploit details (PacketStorm) show how an attacker can craft a malicious title to run script code via the...

6.1CVSS6.4AI score0.01179EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.6 views

Monitorr 代码问题漏洞

Monitorr is Monitorr open source a web front-end . Used to display the status of any web application or service in real time . A security vulnerability exists in Monitorr version v.1.7.6. A remote attacker could exploit this vulnerability to execute arbitrary code via specially crafted files...

7.8CVSS7.9AI score0.49367EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.5 views

Monitorr 跨站脚本漏洞

Monitorr is Monitorr open source a web front-end . Used to display the status of any web application or service in real time . A cross-site scripting vulnerability exists in Monitorr version v.1.7.6. A remote attacker can exploit this vulnerability to execute arbitrary code...

6.1CVSS6.4AI score0.01179EPSS
Exploits1References4
CVE
CVE
added 2023/04/04 12:0 a.m.39 views

CVE-2023-26775

Summary: CVE-2023-26775 affects Monitorr v1.7.6, where a crafted file upload to assets/php/upload.php can lead to remote arbitrary code execution. The NVD/Red Hat/CIRCL OSV entries confirm the same issue with high severity (CVSS 3.1 base score 7.8). Impact: remote attacker could execute code by u...

7.8CVSS7.6AI score0.49367EPSS
In wildExploits0References5Affected Software1
OSV
OSV
added 2023/04/04 12:0 a.m.16 views

CVE-2023-26776

Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the postreceiver-services.php file...

6.1CVSS6.6AI score0.01179EPSS
Exploits1References7
OSV
OSV
added 2023/04/04 12:0 a.m.9 views

CVE-2023-26775

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the assets/php/upload.php endpoint...

7.8CVSS7.9AI score0.49367EPSS
Exploits0References7
Rapid7 Blog
Rapid7 Blog
added 2023/03/24 6:33 p.m.65 views

Metasploit Weekly Wrap-Up

Zxyel Routers Beware This week we've released a module written by first time community contributor shr70 that can exploit roughly 45 different Zyxel router and VPN models. The module exploits a buffer overflow vulnerability that results in unauthenticated remote code execution on affected devices...

7.5CVSS9.7AI score0.99055EPSS
Exploits22
Packet Storm
Packet Storm
added 2023/03/23 12:0 a.m.375 views

Monitorr 1.7.6m / 1.7.7d Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monitorr unauthenticated Remote Code Execution RCE', 'Description' = %q This module exploits an arbitrary file upload vulnerability and achieving...

9.8CVSS9.4AI score0.85785EPSS
Exploits8
Rows per page
Query Builder