73 matches found
PT-2022-25850 · Perfsonar · Perfsonar
Name of the Vulnerable Software and Affected Versions: perfSONAR versions 4.x through 4.4.5 Description: The issue is a Cross-Site Request Forgery CSRF that occurs when an attacker injects crafted input into the Search function. Recommendations: For versions 4.x through 4.4.5, consider disabling...
CVE-2022-41413
perfSONAR v4.x = v4.4.5 was discovered to contain a Cross-Site Request Forgery CSRF which is triggered when an attacker injects crafted input into the Search function...
CVE-2022-41412
An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery SSRF attacks...
CVE-2022-41413
CVE-2022-41413 affects perfSONAR v4.x through v4.4.5, with a Cross-Site Request Forgery (CSRF) vulnerability triggered when crafted input is injected into the Search function. The issue is a partial blind CSRF that can cause the client to issue background requests to arbitrary URLs, bypassing the...
perfSONAR 跨站请求伪造漏洞
perfSONAR is a widely deployed test and measurement infrastructure used by scientific networks and facilities around the world to monitor and ensure network performance. A security vulnerability exists in perfSONAR versions v4.x through v4.4.5 that stems from the inclusion of cross-site request...
CVE-2022-41412
CVE-2022-41412 affects perfSONAR's graphData.cgi in v4.4.5 and earlier, enabling unauthenticated SSRF and access to internal resources/data. The root cause is improper handling of URL parameters in graphData.cgi, allowing attackers to proxy/relay HTTP(S) requests through the server. Impact is dat...
CVE-2022-41413
perfSONAR v4.x = v4.4.5 was discovered to contain a Cross-Site Request Forgery CSRF which is triggered when an attacker injects crafted input into the Search function...
Exploit for Cross-Site Request Forgery (CSRF) in Perfsonar
Vendor: perfSONAR Link: https://github.com/perfsonar/ Affected V...
Exploit for Server-Side Request Forgery in Perfsonar
Vendor: perfSONAR Link: https://github.com/perfsonar/ Affected V...
MaDDash 2.0.2 Directory Listing
Exploit Title: MaDDash 2.0.2 - Directory Listing Date: 2018-06-18 Vendor: perfSONAR Download Link: https://github.com/esnet/maddash/archive/master.zip Version: 2.0.2 Exploit Author: ManhNho CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525 Category: Webapps Tested on: Windows 7 ---...
perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability (CNVD-2018-23861)
The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited to obtain directory listings and potentially disclose sensitive...
perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability (CNVD-2018-23860)
The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited to obtain directory listings and potentially disclose sensitive...
perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability (CNVD-2018-23859)
The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited by sending a direct request to /etc/ to obtain a directory listing...
perfSONAR Monitoring and Debugging Dashboard Information Disclosure Vulnerability
The perfSONAR Monitoring and Debugging Dashboard MaDDash is a suite of tools for collecting two-dimensional data and presenting it visually. A security vulnerability exists in perfSONAR MaDDash. The vulnerability can be exploited to obtain directory listings and potentially disclose sensitive...
MaDDash 2.0.2 - Directory Listing Vulnerability
Exploit for java platform in category local exploits Exploit Title: MaDDash 2.0.2 - Directory Listing Vendor: perfSONAR Download Link: https://github.com/esnet/maddash/archive/master.zip Version: 2.0.2 Exploit Author: ManhNho CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525...
MaDDash 2.0.2 - Directory Listing
Exploit Title: MaDDash 2.0.2 - Directory Listing Date: 2018-06-18 Vendor: perfSONAR Download Link: https://github.com/esnet/maddash/archive/master.zip Version: 2.0.2 Exploit Author: ManhNho CVE: CVE-2018-12522,CVE-2018-12523,CVE-2018-12524,CVE-2018-12525 Category: Webapps Tested on: Windows 7 ---...
CVE-2018-12525
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /images/ provides a directory listing...
CVE-2018-12522
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /style/ provides a directory listing...
CVE-2018-12522
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /style/ provides a directory listing...
CVE-2018-12525
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /images/ provides a directory listing...