Lucene search
+L

73 matches found

Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.5 views

PT-2022-25850 · Perfsonar · Perfsonar

Name of the Vulnerable Software and Affected Versions: perfSONAR versions 4.x through 4.4.5 Description: The issue is a Cross-Site Request Forgery CSRF that occurs when an attacker injects crafted input into the Search function. Recommendations: For versions 4.x through 4.4.5, consider disabling...

4.3CVSS4.5AI score0.01991EPSS
Exploits4References7
Cvelist
Cvelist
added 2022/11/30 12:0 a.m.47 views

CVE-2022-41413

perfSONAR v4.x = v4.4.5 was discovered to contain a Cross-Site Request Forgery CSRF which is triggered when an attacker injects crafted input into the Search function...

5AI score0.01991EPSS
Exploits4References3
Cvelist
Cvelist
added 2022/11/30 12:0 a.m.33 views

CVE-2022-41412

An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery SSRF attacks...

8.9AI score0.04088EPSS
Exploits1References2
CVE
CVE
added 2022/11/30 12:0 a.m.57 views

CVE-2022-41413

CVE-2022-41413 affects perfSONAR v4.x through v4.4.5, with a Cross-Site Request Forgery (CSRF) vulnerability triggered when crafted input is injected into the Search function. The issue is a partial blind CSRF that can cause the client to issue background requests to arbitrary URLs, bypassing the...

4.3CVSS4.7AI score0.01991EPSS
Exploits4References3Affected Software1
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.6 views

perfSONAR 跨站请求伪造漏洞

perfSONAR is a widely deployed test and measurement infrastructure used by scientific networks and facilities around the world to monitor and ensure network performance. A security vulnerability exists in perfSONAR versions v4.x through v4.4.5 that stems from the inclusion of cross-site request...

4.3CVSS5AI score0.01991EPSS
Exploits4References7
CVE
CVE
added 2022/11/30 12:0 a.m.82 views

CVE-2022-41412

CVE-2022-41412 affects perfSONAR's graphData.cgi in v4.4.5 and earlier, enabling unauthenticated SSRF and access to internal resources/data. The root cause is improper handling of URL parameters in graphData.cgi, allowing attackers to proxy/relay HTTP(S) requests through the server. Impact is dat...

8.6CVSS8.6AI score0.04088EPSS
In wildExploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/30 12:0 a.m.7 views

CVE-2022-41413

perfSONAR v4.x = v4.4.5 was discovered to contain a Cross-Site Request Forgery CSRF which is triggered when an attacker injects crafted input into the Search function...

4.7AI score0.01991EPSS
Exploits4References3
GithubExploit
GithubExploit
added 2022/11/29 2:42 a.m.9 views

Exploit for Cross-Site Request Forgery (CSRF) in Perfsonar

Vendor: perfSONAR Link: https://github.com/perfsonar/ Affected V...

4.3CVSS7.2AI score0.01991EPSS
Exploits4
GithubExploit
GithubExploit
added 2022/11/29 2:39 a.m.9 views

Exploit for Server-Side Request Forgery in Perfsonar

Vendor: perfSONAR Link: https://github.com/perfsonar/ Affected V...

8.6CVSS7.4AI score0.04088EPSS
Exploits1
Packet Storm
Packet Storm
added 2018/06/21 12:0 a.m.43 views

MaDDash 2.0.2 Directory Listing

Exploit Title: MaDDash 2.0.2 - Directory Listing Date: 2018-06-18 Vendor: perfSONAR Download Link: https://github.com/esnet/maddash/archive/master.zip Version: 2.0.2 Exploit Author: ManhNho CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525 Category: Webapps Tested on: Windows 7 ---...

5.2AI score0.07224EPSS
Exploits8
CNVD
CNVD
added 2018/06/20 12:0 a.m.7 views

perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability (CNVD-2018-23861)

The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited to obtain directory listings and potentially disclose sensitive...

5.3CVSS5.1AI score0.07224EPSS
Exploits5References1
CNVD
CNVD
added 2018/06/20 12:0 a.m.5 views

perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability (CNVD-2018-23860)

The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited to obtain directory listings and potentially disclose sensitive...

5.3CVSS5.1AI score0.07224EPSS
Exploits5References1
CNVD
CNVD
added 2018/06/20 12:0 a.m.8 views

perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability (CNVD-2018-23859)

The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited by sending a direct request to /etc/ to obtain a directory listing...

5.3CVSS5.3AI score0.07224EPSS
Exploits5References1
CNVD
CNVD
added 2018/06/20 12:0 a.m.8 views

perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability

The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited to obtain directory listings and potentially disclose sensitive...

5.3CVSS5.1AI score0.07224EPSS
Exploits5References1
0day.today
0day.today
added 2018/06/20 12:0 a.m.53 views

MaDDash 2.0.2 - Directory Listing Vulnerability

Exploit for java platform in category local exploits Exploit Title: MaDDash 2.0.2 - Directory Listing Vendor: perfSONAR Download Link: https://github.com/esnet/maddash/archive/master.zip Version: 2.0.2 Exploit Author: ManhNho CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525...

5.2AI score0.07224EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/06/20 12:0 a.m.52 views

MaDDash 2.0.2 - Directory Listing

Exploit Title: MaDDash 2.0.2 - Directory Listing Date: 2018-06-18 Vendor: perfSONAR Download Link: https://github.com/esnet/maddash/archive/master.zip Version: 2.0.2 Exploit Author: ManhNho CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525 Category: Webapps Tested on: Windows 7 ---...

5.3CVSS5.2AI score0.07224EPSS
Exploits8
NVD
NVD
added 2018/06/18 11:29 a.m.22 views

CVE-2018-12525

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /images/ provides a directory listing...

5.3CVSS5.2AI score0.07224EPSS
Exploits5References2
NVD
NVD
added 2018/06/18 11:29 a.m.23 views

CVE-2018-12522

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /style/ provides a directory listing...

5.3CVSS5.2AI score0.07224EPSS
Exploits5References2
OSV
OSV
added 2018/06/18 11:29 a.m.22 views

CVE-2018-12522

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /style/ provides a directory listing...

5.3CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2018/06/18 11:29 a.m.13 views

CVE-2018-12525

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /images/ provides a directory listing...

5.3CVSS5.5AI score
Exploits0References2
Rows per page
Query Builder