967 matches found
Code injection
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
PYSEC-2015-28
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
CVE-2015-5306
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
CVE-2015-5306
CVE-2015-5306 affects OpenStack Ironic Inspector (ironic-inspector/ironic-discoverd). When Flask debug mode is enabled, an error can expose the Flask debug console, potentially allowing a remote attacker to execute arbitrary Python code. The vulnerability is documented in OSV and Red Hat advisori...
CVE-2015-5306
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
PT-2015-6843 · Openstack · Openstack Ironic Inspector
Name of the Vulnerable Software and Affected Versions: OpenStack Ironic Inspector affected versions not specified Description: The issue allows remote attackers to access the Flask console and execute arbitrary Python code by triggering an error when debug mode is enabled. Recommendations: At the...
net-snmp security and bug fix update
1:5.7.2-24 - Fixed lmSensorsTable not reporting sensors with duplicate names 1252053 - Fixed close overhead of extend commands 1252048 - Fixed out-of-bounds write in python code 1252034 1:5.7.2-23 - Fixed parsing of invalid variables in incoming packets 1248414 - Fixed...
SuperScan 4.1 - Windows Enumeration HostnameIPURL Field Overflow (SEH)
SuperScan 4.1 - Windows Enumeration HostnameIPURL Field Overflow SEH !/usr/bin/env python -- coding: utf-8 -- Exploit Title : SuperScan 4.1 Windows Enumeration Hostname/IP/URL Field SEH Overflow Crash PoC Discovery by : Luis Martínez Email : [email protected] Discovery Date : 18/11/2015...
QNap QVR Client 5.1.0.11290 - Crash PoC
Exploit for windows platform in category dos / poc !/usr/bin/env python -- coding: utf-8 -- Exploit Title : QNap QVR Client 5.1.0.11290 Crash PoC Discovery by : Luis Martínez Email : email protected Discovery Date : 05/11/2015 Vendor Homepage: http://www.qnapsecurity.com/n/en/ Software Link :...
CDex Genre 1.79 Stack Buffer Overflow
''' Exploit Title: CDex Genre Stack Buffer Overflow Date: 10/9/2015 Exploit Author: UnN0n Software Link: http://cdex.mu/download Version: 1.79 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- Generate a File by python code mentioned below. 2- Goto...
Palo Alto Networks Panorama PAN-OS < 6.0.1 Firmware Signature Verification Bypass Arbitrary Code Execution
The remote Panorama appliance is running a version of Palo Alto Networks PAN-OS prior to 6.0.1. It is, therefore, affected by a firmware signature bypass vulnerability due to a flaw in signature verification process that allows an attacker to execute arbitrary Python code within an image file...
CVE-2014-2331
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Code injection
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
CVE-2014-2331
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Netsparker 2.3.x - Remote Code Execution
!/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit MS14-064 CVE2014-6332 1 . run python code...
Netsparker 2.3.x - Remote Code Execution
Netsparker 2.3.x - Remote Code Execution !/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit...
Acunetix Web Vulnerability Scanner 9.5 - Crash (PoC)
!/usr/bin/env python Title : Acunetix Web Vulnerability Scanner 9.5 - Crash Proof Of Concept Website : https://www.acunetix.com Tested : win 7 / win 8.1 / win vista Author : Hadi Zomorodi Monavar Email : [email protected] 1 . run python code : python poc.py 2 . open hadi.txt and copy content...
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
Code injection
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...