70 matches found
CVE-2023-49488
A cross-site scripting XSS vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter...
CVE-2011-1086
Cross-site scripting XSS vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter...
CVE-2011-1086
Cross-site scripting XSS vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter...
CVE-2011-1086
CVE-2011-1086 is an XSS vulnerability in Openfiler 2.3, affecting the admin/system.html page and exploitable via the device parameter to inject arbitrary script/HTML. The connected documents corroborate the issue across sources (NVD, Red Hat, CVE records, CNVD, etc.). The available materials do n...
Openfiler Cross-Site Scripting Vulnerability
Openfiler is an open source network storage solution. A cross-site scripting vulnerability exists in admin / system.html in Openfiler version 2.3, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help of the 'device' parameter...
CVE-2012-10040
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/openfilernetworkcardexec.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
OpenFiler 2.99.1 - CSRF Vulnerability
No description provided by source. !-- Exploit Title: DoS via CSRF in openfiler Exploit author: Dolev Farhi @dolevff Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 CVE: N/A Software Description ===================== Openfiler is ...
CVE-2014-7190
Multiple cross-site request forgery CSRF vulnerabilities in Openfiler 2.99.1 allow remote attackers to hijack the authentication of administrators for requests that 1 shutdown or 2 reboot the server via a request to admin/systemshutdown.html...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Openfiler 2.99.1 allow remote attackers to hijack the authentication of administrators for requests that 1 shutdown or 2 reboot the server via a request to admin/systemshutdown.html...
CVE-2014-7190
Openfiler 2.99.1 is affected by multiple CSRF vulnerabilities that allow remote attackers to hijack administrator sessions and trigger shutdown or reboot via a request to admin/system_shutdown.html. The underlying issue is CSRF in the admin interface that permits state-changing actions without pr...
CVE-2014-7190
Multiple cross-site request forgery CSRF vulnerabilities in Openfiler 2.99.1 allow remote attackers to hijack the authentication of administrators for requests that 1 shutdown or 2 reboot the server via a request to admin/systemshutdown.html...
OpenFiler 2.99.1 - Cross-Site Request Forgery
OpenFiler 2.99.1 - Cross-Site Request Forgery DoS...
OpenFiler 2.99.1 - CSRF Vulnerability
Exploit for php platform in category web applications DoS 0day.today 2018-03-28...
OpenFiler 2.99.1 - Cross-Site Request Forgery
DoS...
Openfiler 2.99.1 Denial Of Service
Exploit author: @dolevff Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 latest Alerted vendor: 7.5.14 CVE-2014-7190 Software Description ===================== Openfiler is a network storage operating system. With the features we built into Openfiler, you can take...
OpenFiler 2.99.1 - Multiple persistent XSS Vulnerabilities
No description provided by source. Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a...
OpenFiler 2.99.1 - Arbitrary Code Execution
No description provided by source. Exploit Title: Arbitrary Code Execution in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a...
Openfiler 2.x - NetworkCard Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
CVE-2014-4309
Multiple cross-site scripting XSS vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the 1 TinkerAjax parameter to uptime.html, or remote authenticated users to inject arbitrary web script or HTML via the 2 MaxInstances, 3 PassivePorts, 4 Port, 5...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the 1 TinkerAjax parameter to uptime.html, or remote authenticated users to inject arbitrary web script or HTML via the 2 MaxInstances, 3 PassivePorts, 4 Port, 5...