36 matches found
EUVD-2018-20511
Malware in sbrugna...
EUVD-2018-20545
Malware in sbrugna...
EUVD-2018-8414
Malware in sbrugna...
EUVD-2018-20584
Malware in sbrugna...
Open-AudIT Professional 3.3.1 Remote Code Execution
Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Date: 2020-04-22 Exploit Author: Askar CVE: CVE-2020-12078 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings import random...
Open-AudIT Professional Cross-Site Scripting Vulnerability (CNVD-2018-19866)
Open-AudIT is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Orgs Page in Open-AudIT Professional Edition version 2.2.7. A remote attacker can exploit this...
Open-AudIT Professional Cross-Site Scripting Vulnerability
Open-AudIT Professional is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Open-AudIT Professional version 2.1.1. A remote attacker can exploit this vulnerability to...
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Title: Open-AudIT Professional 2.1.1 – Multiple Cross-Site Scripting Exploit Author: Tejesh Kolisetty Vendor Homepage: https://opmantek.com/ Software Link: https://opmantek.com/network-tools-download/ Affected Version: 2.1.1...
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting
Exploit Title: Open-AudIT Professional 2.1.1 – Multiple Cross-Site Scripting Exploit Author: Tejesh Kolisetty Vendor Homepage: https://opmantek.com/ Software Link: https://opmantek.com/network-tools-download/ Affected Version: 2.1.1 Category: WebApps Tested on: Win7 Professional CVE : CVE-2018-91...
CVE-2018-9155
Cross-site scripting XSS vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin-Logs section with a logs?logs.type= URI and the Manage-Attributes section via the "Name display"...
Cross site scripting
Cross-site scripting XSS vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin-Logs section with a logs?logs.type= URI and the Manage-Attributes section via the "Name display"...
CVE-2018-9155
Cross-site scripting XSS vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin-Logs section with a logs?logs.type= URI and the Manage-Attributes section via the "Name display"...
CVE-2018-9155
Cross-site scripting XSS vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin-Logs section with a logs?logs.type= URI and the Manage-Attributes section via the "Name display"...
CVE-2018-9155
Cross-site scripting XSS vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin-Logs section with a logs?logs.type= URI and the Manage-Attributes section via the "Name display"...
CVE-2018-9155
CVE-2018-9155 is an XSS in Open-AudIT Professional 2.1.1. A remote attacker can inject arbitrary script/HTML by a crafted Name (display) in attributes or by crafted log names in Admin->Logs, enabling scripted content in the UI. Connected sources confirm Open-AudIT Professional 2.1.1 as affecte...
Open-AudIT Professional Cross-Site Scripting Vulnerability
Open-AudIT Professional is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Open-AudIT Professional version 2.1. A remote attacker can exploit this vulnerability to...
Open-AudIT Professional Open Redirect Vulnerability
Open-AudIT Professional is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A security vulnerability exists in Open-AudIT Professional version 2.1. An attacker can exploit the vulnerability by sending the...
CVE-2018-8937
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirecturl parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code...
CVE-2018-8937
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirecturl parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code...
CVE-2018-8937
Open-AudIT Professional 2.1 contains an open redirect vulnerability triggered by injecting a malicious payload into the redirect_url parameter of the /login URI. The issue, described across multiple sources (including CVE-2018-8937 and CNVD/CVE records), can be exploited using a data:text/html;ba...