SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities

Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...

Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability

Document Title: =============== Ebay Inc Xcom 4 - Item Preview Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1215 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 12...

Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting

Exploit Title: Persistent XSS via Markdown on Telescope = 0.9.2 Date: Aug 22 2014 Exploit Author: shubs Vendor Homepage: http://www.telescopeapp.org/ Software Link: https://github.com/TelescopeJS/Telescope Version: = 0.9.2 CVE : CVE-2014-5144 Telescope 0.9.2 and below suffer from a persistent cro...

Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform designed to provide...

Stealthy, Persistent DLL Hijacking Works Against OS X

DLL hijacking has plagued Windows machines back as far as 2000 and provides hackers with a quiet way to gain persistence on a vulnerable machine, or remotely exploit a vulnerable application. And now it’s come to Apple’s Mac OS X. This week at the CanSecWest conference in Vancouver, Synack direct...

Moodle 2.5.9 / 2.6.8 / 2.7.5 / 2.8.3 Cross Site Scripting

Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform designed to provide educators, administrators and learners with a single...

Moodle 2.5.92.6.82.7.52.8.3 - Block Title Handler Cross-Site Scripting

Moodle 2.5.92.6.82.7.52.8.3 - Block Title Handler Cross-Site Scripting Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform...

Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting

Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting Vendor: Moodle Pty Ltd Product web page: https://www.moodle.org Affected version: 2.8.3, 2.7.5, 2.6.8 and 2.5.9 Summary: Moodle is a learning platform designed to provide educators, administrators and learners with a single...

WoltLab Community Gallery - Persistent Cross-Site Scripting

WoltLab Community Gallery - Persistent Cross-Site Scripting Vulnerability title: Community Gallery - Stored Cross-Site Scripting vulnerability Product: Community Gallery Vendor: https://www.woltlab.com Affected version: Community Gallery 2.0 before 12/10/2014 Download link:...

WoltLab Community Gallery - Persistent Cross-Site Scripting

Vulnerability title: Community Gallery - Stored Cross-Site Scripting vulnerability Product: Community Gallery Vendor: https://www.woltlab.com Affected version: Community Gallery 2.0 before 12/10/2014 Download link: https://www.woltlab.com/purchase/?products=com.woltlab.gallery Fixed version:...

GeniXCMS 0.0.1 Cross Site Scripting

GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP...

GeniXCMS 0.0.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and...

GeniXCMS 0.0.1 - Multiple Vulnerabilities

GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...

Persistent Systems Radia Client Automation Command Execution (CVE-2015-1497)

A command execution vulnerability exists in Persistent Systems Radia Client Automation. The vulnerability is due to missing authentication while processing requests to the radexecd process. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the affecte...

Untangle NGFW 9 / 10 / 11 XSS / Code Execution

Multiple issues have been discovered in the Untangle NGFW virtual appliance. The vendor was unresponsive and uncooperative to the researcher. - Persistent XSS leading to root Authentication requiredConfirmed in versions 9 and 11 up to rev r39357 Throughout the Untangle user interface there are...

Persistent Systems Client Automation Command Injection RCE Exploit

Exploit for windows platform in category remote exploits Exploit Title: Persistent Systems Client Automation PSCA, formerly HPCA or Radia Command Injection Remote Code Execution Vulnerability Date: 2014-10-01 Exploit Author: Ben Turner Vendor Homepage: Previosuly HP, now...

Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)

Persistent Systems Client Automation - Command Injection Remote Code Execution Metasploit Exploit Title: Persistent Systems Client Automation PSCA, formerly HPCA or Radia Command Injection Remote Code Execution Vulnerability Date: 2014-10-01 Exploit Author: Ben Turner Vendor Homepage: Previosuly...

Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)

Exploit Title: Persistent Systems Client Automation PSCA, formerly HPCA or Radia Command Injection Remote Code Execution Vulnerability Date: 2014-10-01 Exploit Author: Ben Turner Vendor Homepage: Previosuly HP, now http://www.persistentsys.com/ Version: 7.9, 8.1, 9.0, 9.1 Tested on: Windows XP,...

HP Client Automation Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Client Automation Command Injection', 'Description' = %q This module exploits a command injection vulnerability on HP Client...

HP Client - Automation Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Client Automation Command Injection', 'Description' = %q This module exploits a command injection vulnerability on HP Client...