Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:2 p.m.7 views

CVE-2022-1248

A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAPInformationSystem/controllers/addadmin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploi...

7.5CVSS6.8AI score0.01332EPSS
Exploits2References1
0day.today
0day.today
added 2024/02/27 12:0 a.m.421 views

Atlassian Confluence Data Center and Server - Authentication Bypass Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

9.8CVSS7.2AI score0.99156EPSS
Exploits39
0day.today
0day.today
added 2019/03/10 12:0 a.m.203 views

DirectAdmin 1.55 - CMD_ACCOUNT_ADMIN Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit title: DirectAdmin v1.55 - CSRF via CMDACCOUNTADMIN Admin Panel Exploit Author: ManhNho Vendor Homepage: https://www.directadmin.com/ Software Link: https://www.directadmin.com/ Demo Link: https://www.directadmin.com:2222/CMDACCOUNTADM...

6.8CVSS8.7AI score0.02435EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/08 12:0 a.m.74 views

DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery

Exploit title: DirectAdmin v1.55 - CSRF via CMDACCOUNTADMIN Admin Panel Date: 03/03/2019 Exploit Author: ManhNho Vendor Homepage: https://www.directadmin.com/ Software Link: https://www.directadmin.com/ Demo Link: https://www.directadmin.com:2222/CMDACCOUNTADMIN Version: 1.55 CVE: CVE-2019-9625...

8.8CVSS8.8AI score0.02435EPSS
Exploits5
OSV
OSV
added 2018/01/30 9:29 p.m.2 views

CVE-2018-6408

An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account...

8.8CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2014/12/08 4:0 p.m.17 views

CVE-2014-9344

Cross-site request forgery CSRF vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/...

7AI score0.02341EPSS
Exploits2References5
securityvulns
securityvulns
added 2013/07/10 12:0 a.m.67 views

Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution

Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Note: A similar vulnerability was reported several years ag...

0.8AI score
Exploits0
Prion
Prion
added 2007/08/28 12:17 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Ipswitch WSFTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to creat...

4.3CVSS6.1AI score0.01631EPSS
Exploits0References5
CVE
CVE
added 2007/08/28 12:0 a.m.46 views

CVE-2007-4555

CVE-2007-4555 describes a cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP's administration interface. The issue occurs when arguments to a valid command are not properly sanitized and are displayed by the view log option, enabling an attacker to inject arbitrary web script or HTML. Th...

4.3CVSS5.7AI score0.01631EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder