9 matches found
📄 Monsta FTP 2.11 Remote File Injection
This Metasploit module exploits a vulnerability in Monsta FTP version 2.11 and enables remote file injection by creating a malicious FTP server. The application builds this server to upload a malicious PHP file reverse shell. After the file is uploaded, the module immediately verifies the...
GHSA-8FH4-942R-JF2G LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php
Summary A Stored Cross-Site Scripting XSS vulnerability in the "Services" tab of the Device page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when adding a service to a device. This vulnerability could result in the execution of malicious code in the...
CVE-2020-6167
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo...
Cisco Unified Intelligence Center Remote File Injection Vulnerability
A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user's browser and Cisco Unified Intelligence Center. The vulnerability is due to the lack of gadget...
CVE-2019-1860 Cisco Unified Intelligence Center Remote File Injection Vulnerability
A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a users browser and Cisco Unified Intelligence Center. The vulnerability is due to the lack of gadget...
Cisco Unified Intelligence Center Remote File Injection Vulnerability
A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user’s browser and Cisco Unified Intelligence Center. The vulnerability is due to the lack of gadget...
Cisco Unified Intelligence Center Remote File Injection Vulnerability
Cisco Unified Intelligence Center is the United States Cisco Cisco company's set of Web-based reporting platform. The platform provides reports related to business data and call center data presentation capabilities. A remote file injection vulnerability exists in Cisco Unified Intelligence Cente...
Campsite 'g_campsiteDir' Remote and Local File Inclusion Vulnerabilities
This host is running Campsite and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodcampsitemultvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Campsite 'gcampsiteDir' Remote and Local File Inclusion Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009 SecPod,...
gemini-rfi.txt
The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLAM ALEMiNiN BAYRAMINI KUTLARIM...! N0T: YALNIZLIK,...