CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•23 views

Openedit <= 5.1294 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload mrme@pluto openedit$ su...

7.1AI score

0day.today•added 2011/02/12 12:0 a.m.•12 views

Openedit <= v5.1294 Remote Code Execution Exploit

Exploit for jsp platform in category web applications !/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload...

7.1AI score

Packet Storm•added 2011/02/11 12:0 a.m.•24 views

Openedit 5.1294 Code Execution

!/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload mrme@pluto openedit$ sudo python ./openown.py -p...

7.4AI score

exploitpack•added 2011/02/11 12:0 a.m.•6 views

Openedit 5.1294 - Remote Code Execution

Openedit 5.1294 - Remote Code Execution...

1.8AI score

Exploit DB•added 2011/02/11 12:0 a.m.•17 views

Openedit 5.1294 - Remote Code Execution

7.4AI score

NVD•added 2009/02/23 3:30 p.m.•13 views

CVE-2008-6238

Cross-site scripting XSS vulnerability in archive/savedqueries/savequeryfinish.html in OpenEdit Digital Asset Management DAM before 5.2014 allows remote attackers to inject arbitrary web script or HTML via the name parameter...

4.3CVSS5.7AI score0.00329EPSS

NVD•added 2009/02/23 3:30 p.m.•9 views

CVE-2008-6239

Cross-site request forgery CSRF vulnerability in OpenEdit Digital Asset Management DAM before 5.2014 allows remote attackers to perform unspecified actions as arbitrary users via unknown vectors...

6.8CVSS7AI score0.00232EPSS

Exploits0References4

NVD•added 2009/02/23 3:30 p.m.•9 views

CVE-2008-6240

Cross-site scripting XSS vulnerability in data/views/index.html in OpenEdit Digital Asset Management DAM before 5.2014 allows remote attackers to inject arbitrary web script or HTML via the catalogid parameter...

4.3CVSS5.7AI score0.00357EPSS

Prion•added 2009/02/23 3:30 p.m.•12 views

Cross site scripting

4.3CVSS6.1AI score0.00329EPSS

Prion•added 2009/02/23 3:30 p.m.•6 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in OpenEdit Digital Asset Management DAM before 5.2014 allows remote attackers to perform unspecified actions as arbitrary users via unknown vectors...

6.8CVSS7.5AI score0.00232EPSS

Exploits0References4Affected Software1

Prion•added 2009/02/23 3:30 p.m.•10 views

Cross site scripting

4.3CVSS6.1AI score0.00357EPSS

Cvelist•added 2009/02/23 3:0 p.m.•18 views

CVE-2008-6240

5.7AI score0.00357EPSS

CVE•added 2009/02/23 3:0 p.m.•39 views

CVE-2008-6240

OpenEdit Digital Asset Management (DAM) contains a Cross-site Scripting (XSS) vulnerability in data/views/index.html, exploitable via the catalogid parameter. Affected software is OpenEdit DAM prior to version 5.2014. The vulnerability allows remote attackers to inject arbitrary web script or HTM...

4.3CVSS5.9AI score0.00357EPSS

CVE•added 2009/02/23 3:0 p.m.•45 views

CVE-2008-6238

The CVE-2008-6238 entry describes a Cross-site Scripting (XSS) vulnerability in OpenEdit Digital Asset Management (DAM) prior to version 5.2014. The flaw resides in archive/savedqueries/savequeryfinish.html where an attacker can inject arbitrary web script or HTML via the name parameter. The issu...

4.3CVSS5.9AI score0.00329EPSS

Cvelist•added 2009/02/23 3:0 p.m.•12 views

CVE-2008-6238

5.7AI score0.00329EPSS