Lucene search
+L

4721 matches found

cnvd
cnvd
added 2017/07/11 12:0 a.m.6 views

niushop_b2c Pay.php has xml entity injection vulnerability

Niushop open source mall National first commercial free four-in-one completely open source 100% open source The country's first set of B2B2C multi-user mall + micro letter micro-distribution + e-commerce platform investment operation + iOS, Android multi-platform client PHP open source e-commerce...

7.6AI score
Exploits0
citrix
citrix
added 2017/06/08 12:0 a.m.8 views

SCOM "StoreFront Store Service Probe Status" failure on credentials

When the store is configured with “Trusted Domains Only”, alerts may be logged in the Operation manager console stating that the Storefront Store Service Probe failed withError description: "Could not get credentials" More information can be obtain about the authentication attempt by enabling...

6.9AI score
Exploits0
kitploit
kitploit
added 2017/06/01 3:12 p.m.57 views

probeSniffer - A Tool for Sniffing Unencrypted Wireless Probe Requests from Devices

| | \ / | \ / / | | | | |/ | \ | o | D | | o / | || || | / | D | /| /| O | | \ | | || || | | || | / | | | | | O | / \ | | || || | | | \ | | | . | | | \ | | || || | | | | | . \ || |||/|||||||| || |||| v2.1 by David SchĂźtz @xdavidhu A tool for sniffing unencrypted wireless probe requests...

7.8AI score
Exploits0References1
kitploit
kitploit
added 2017/05/18 3:12 p.m.22 views

XSS'OR - Hack with JavaScript

XSS'OR is a free online tool for hacking with JavaScript. It contains three major modules: 1. Encode/Decode The Encode/Decode module, including: front-end encryption and decryption; code compression, decompression, beautification, the implementation of testing; character set conversion, hash...

6.9AI score
Exploits0
metasploit
metasploit
added 2017/05/02 9:19 p.m.39 views

Module to Probe Different Data Points in a CAN Packet

Scans between two CAN IDs and writes data at each byte position. It will either write a set byte value Default 0xFF or iterate through all possible values of that byte position takes much longer. Does not check for responses and is basically a simple blind fuzzer. This module requires Metasploit:...

0.1AI score
Exploits0
osv
osv
added 2017/04/20 10:59 p.m.4 views

CVE-2017-6614

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

6.5CVSS5.8AI score0.01738EPSS
Exploits0References2
prion
prion
added 2017/04/20 10:59 p.m.19 views

Design/Logic Flaw

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

6.8CVSS6.4AI score0.01738EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2017/04/20 10:0 p.m.22 views

CVE-2017-6614

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

6.5AI score0.01738EPSS
Exploits0References2
cve
cve
added 2017/04/20 10:0 p.m.49 views

CVE-2017-6614

Cisco FindIT Network Probe Software 1.0.0 is affected by CVE-2017-6614 due to missing RBAC for file-download requests in its web UI. An authenticated, remote attacker could send a crafted HTTP request to download and view arbitrary system files using the affected software. Exploitation details an...

6.8CVSS6.5AI score0.01738EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2017/04/20 12:0 a.m.6 views

Cisco FindIT Network Probe Information Disclosure Vulnerability

Cisco FindIT is the United States Cisco Cisco company introduced a set of network management software. An information disclosure vulnerability exists in the Cisco FindIT network probe. An attacker could exploit this vulnerability to obtain sensitive information on the target system...

6.8CVSS6.1AI score0.01738EPSS
Exploits0References1
cisco
cisco
added 2017/04/19 4:0 p.m.62 views

Cisco FindIT Network Probe Information Disclosure Vulnerability

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access control RB...

6.5CVSS6.5AI score0.01738EPSS
Exploits0References1
citrix
citrix
added 2017/03/30 12:0 a.m.9 views

Helpful SR CLI commands

Probe the SR: xe sr-probe type=lvmohba device-config:device=/dev/disk/by-id/scsi- xe sr-probe type=lvmoiscsi device-config:target= device-config:targetIQN= xe sr-probe type=nfs device-config:server= device-config:serverpath=/path/to/export Introduce the existing SR to XenServer: xe sr-introduce...

7AI score
Exploits0
kitploit
kitploit
added 2017/02/26 1:55 p.m.15 views

WIFI Client Detection - Identify People By Assigning A Name To A Device Performing A Wireless Probe Request

WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request. Download WIFI Client Detection...

7.2AI score
Exploits0References1
ubuntucve
ubuntucve
added 2017/01/27 12:0 a.m.38 views

CVE-2016-10002

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to prob...

7.5CVSS6.7AI score0.06766EPSS
Exploits0References4
n0where
n0where
added 2017/01/09 6:35 a.m.18 views

Real Time Network Monitoring: Cyberprobe

Real Time Network Monitoring Cyberprobe is a distrbuted architecture for real-time monitoring of networks against attack. The software consists of a number of components, including: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, whi...

Exploits0
redhat
redhat
added 2016/11/03 8:8 a.m.11 views

kernel: Kernel memory leakage to ethernet frames due to buffer overflow in ethernet drivers

It was discovered that the atl2probe function in the Atheros L2 Ethernet driver in the Linux kernel incorrectly enabled scatter/gather I/O. A remote attacker could use this flaw to obtain potentially sensitive information from the kernel memory...

7.5CVSS7.2AI score0.06386EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2016/11/03 12:0 a.m.8 views

The vulnerability of the iowarrior_probe function in the Linux operating system, related to the assignment of the NULL pointer, allows a hacker to trigger a service failure.

The vulnerability of the iowarriorprobe function in the Linux operating system is related to an error at the endpoint descriptor of the USB device. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.9CVSS6.4AI score0.01814EPSS
Exploits3References68Affected Software2
bdu_fstec
bdu_fstec
added 2016/11/03 12:0 a.m.5 views

The vulnerability of the loaded module for kernel drivers/staging/media/lirc/lirc_imon.ko in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the loaded module containing the Linux kernel’s drivers/staging/media/lirc/lircimon.ko is related to mutual locking in the implementation of the imonprobe handler. Exploiting this vulnerability allows an attacker to cause a system failure when connecting the SoundGraph iMON...

6.2CVSS5.5AI score
Exploits0References2Affected Software2
citrix
citrix
added 2016/09/19 12:0 a.m.7 views

NetScaler StoreFront Monitor Probe Fails on StoreFront 3.5

When we bind the StoreFront monitor to our StoreFront 3.5 servers, every hour there is an entry on the dashboard and system log that there is a failure - probe failed...

7AI score
Exploits0
kitploit
kitploit
added 2016/08/29 7:30 p.m.136 views

WiFi-Pumpkin v0.8.1 - Framework for Rogue Wi-Fi Access Point Attack

Framework for Rogue Wi-Fi Access Point Attack Description WiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5 Python 2.7 git clone...

7.2AI score
Exploits0References8
Rows per page
Query Builder