Lucene search
+L

135 matches found

Hacker One
Hacker One
added 2016/02/13 4:31 a.m.96 views

HackerOne: Null byte injection

Hi , I would like to report an issue that I have noticed in https://hackerone.com/users/signin?invitationtoken= . I am not sure if this is a valid security issue , but I have decided to report it anyway and see what you guys think. Details: - When you go to...

6.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/06/04 8:2 a.m.2 views

php: move_uploaded_file() NUL byte injection in file name

It was found that PHP moveuploadedfile function did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

5CVSS6.7AI score0.08592EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2014/09/10 3:56 p.m.9 views

Details Disclosed on Patched Webmin Vulnerability

The University of Texas information security office yesterday disclosed the details on a critical vulnerability in Webmin that was patched in May, days after it was reported. The bug in the UNIX remote management tool provided remote root access to a host server. Authenticated users would then be...

8.2AI score
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

HP Managed Printing Administration jobAcct Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.40 views

Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection

No description provided by source. ------------------------------------------------------------------------- Tiki Wiki CMS Groupware = 8.2 snarfajax.php Remote PHP Code Injection ------------------------------------------------------------------------- author...........: Egidio Romano aka EgiX...

0.04271EPSS
Exploits7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Cisco Prime Data Center Network Manager - Arbitrary File Upload

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Microsoft .Net Framework <= 2.0 - Multiple Null Byte Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24791/info Microsoft .NET Framework is prone to multiple NULL-byte injection vulnerabilities because it fails to adequately sanitize user-supplied data. An attacker can exploit these issues to access sensitive information...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/12/03 12:0 a.m.59 views

Cisco Prime Data Center Network Manager Arbitrary File Upload

This Metasploit module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in processImageSave.jsp, which can be abused through a directory traversal and a null byte injection to upload arbitrary files. The autodeploy JBoss application server feature is...

10CVSS10.1AI score0.75962EPSS
Exploits6
Packet Storm
Packet Storm
added 2013/12/03 12:0 a.m.39 views

Cisco Prime Data Center Network Manager Arbitrary File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisc...

10CVSS0.6AI score0.75962EPSS
Exploits6
0day.today
0day.today
added 2013/12/03 12:0 a.m.52 views

Cisco Prime Data Center Network Manager Arbitrary File Upload Vulnerability

Exploit for java platform in category remote exploits require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in...

10CVSS9.2AI score0.75962EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/12/03 12:0 a.m.38 views

Cisco Prime Data Center Network Manager - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisc...

10CVSS7AI score0.75962EPSS
Exploits6
Metasploit
Metasploit
added 2013/11/30 5:11 a.m.30 views

Cisco Prime Data Center Network Manager Arbitrary File Upload

This module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in processImageSave.jsp, which can be abused through a directory traversal and a null byte injection to upload arbitrary files. The autodeploy JBoss application server feature is used to...

10CVSS8.4AI score0.75962EPSS
Exploits6
Positive Technologies
Positive Technologies
added 2013/08/16 12:0 a.m.23 views

PT-2013-49: Null Byte Injection in Oracle Containers for J2EE

The specialists of the Positive Research center have detected a Null Byte Injection vulnerability in Oracle Containers for J2EE. Oracle Containers for J2EE does not properly handle a null byte in the path when transferring a request to another static page or a JSP script via pageContext.forward o...

5CVSS7.1AI score0.01244EPSS
Exploits0References3
0day.today
0day.today
added 2013/07/22 12:0 a.m.63 views

HP Managed Printing Administration jobAcct Remote Command Execution

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'HP Managed Printing Administration jobAcct Remote Command Execution', 'Description' = %q This module exploits an arbitrary file upload vulnerability on HP Managed Printing Administration 2.6.3 and befor...

7.1AI score0.61756EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/07/22 12:0 a.m.53 views

HP Managed Printing Administration - jobAcct Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'HP Managed Printing Administration...

7.5CVSS7AI score0.61756EPSS
Exploits5
0day.today
0day.today
added 2013/07/19 12:0 a.m.70 views

HP Managed Printing Administration jobAcct Remote Command Execution

This Metasploit module exploits an arbitrary file upload vulnerability on HP Managed Printing Administration 2.6.3 and before. The vulnerability exists in the UploadFiles function from the MPAUploader.Uploader.1 control, loaded and used by the server. The function can be abused via directory...

7.5CVSS7AI score0.61756EPSS
Exploits5
Metasploit
Metasploit
added 2013/07/18 2:39 p.m.32 views

HP Managed Printing Administration jobAcct Remote Command Execution

This module exploits an arbitrary file upload vulnerability on HP Managed Printing Administration 2.6.3 and prior versions. The vulnerability exists in the UploadFiles function from the MPAUploader.Uploader.1 control, loaded and used by the server. The function can be abused via directory travers...

7.5CVSS7.4AI score0.61756EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/07/18 12:0 a.m.51 views

HP Managed Printing Administration jobAcct Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'HP Managed Printing Administration...

7.5CVSS0.6AI score0.61756EPSS
Exploits5
myhack58
myhack58
added 2013/04/08 12:0 a.m.50 views

The PHP file contains the exploit-vulnerability warning-the black bar safety net

A, PHP configuration in the file contain the use of The file contains a vulnerability that when the programmer in the include file of the process is introduced in the external data submitted by participating in the procedures included the generation of vulnerability, this vulnerability is current...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/23 12:0 a.m.43 views

Tiki Wiki CMS Groupware 8.2 Code Injection

------------------------------------------------------------------------- Tiki Wiki CMS Groupware /tiki-8.2/snarfajax.php?url=1&regexres=phpinfo&regex=//e%00/ Tiki internal filters remove all null bytes from user input, but for some strange reason this doesn't happen within admin sessions. So,...

0.2AI score0.04271EPSS
Exploits7
Rows per page
Query Builder