Lucene search

7082 matches found

GithubExploit
added 2021/04/07 11:10 a.m., 306 views

Exploit for CVE-2021-24086

CVE-2021-24086 This is a proof of concept for CVE-2021-24086...

CVSS 9.8, AI score 8.7, EPSS 0.58961
Exploits: 7
RedHat Linux
added 2021/03/30 4:48 p.m., 4 views

golang: data race in certain net/http servers including ReverseProxy can lead to DoS

A flaw was found in Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...

CVSS 5.9, AI score 7.3, EPSS 0.02893
Exploits: 0, References: 5
RedHat Linux
added 2021/03/30 9:46 a.m., 8 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

CVSS 5.8, AI score 6.8, EPSS 0.09386
Exploits: 0, References: 7
CNVD
added 2021/03/29 12:00 a.m., 9 views

SolarWinds Orion Platform Reverse Tag Phishing Vulnerability

SolarWinds Orion Platform is a comprehensive bandwidth performance management and fault management application that lets you view real-time statistics about your network directly from your Web browser. A reverse label phishing vulnerability exists in the Customize Menu Item Options page in...

CVSS 4.9, AI score 6.5, EPSS 0.0076
Exploits: 0, References: 1
OSV
added 2021/03/26 7:52 p.m., 28 views

GHSA-246W-56M2-5899 Cross-site scripting (XSS) vulnerability in the password reset endpoint

Impact: The password reset endpoint served via Synapse was vulnerable to cross-site scripting (XSS) attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other resources...

CVSS 6.9, AI score 7.6, EPSS 0.01221
Exploits: 0, References: 8
Metasploit
added 2021/03/26 5:42 p.m., 100 views

SAP Solution Manager remote unauthorized OS commands execution

This module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet tcsmdagentapplicationeem of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get...

CVSS 10, AI score 9.5, EPSS 0.98376
Exploits: 7
NVD
added 2021/03/26 4:15 p.m., 17 views

CVE-2021-3109

The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account...

CVSS 4.9, EPSS 0.0076
Exploits: 0, References: 2
OSV
added 2021/03/26 4:15 p.m., 4 views

CVE-2021-3109

The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account...

CVSS 4.8, AI score 6, EPSS 0.0076
Exploits: 0, References: 2
Prion
added 2021/03/26 4:15 p.m., 19 views

Code injection

The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account...

CVSS 4.9, AI score 5.1, EPSS 0.0076
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2021/03/26 3:14 p.m., 104 views

CVE-2021-3109

CVE-2021-3109 affects SolarWinds Orion Platform; the issue is a Reverse Tabnabbing and open redirect vulnerability in the custom menu item options page that exists before version 2020.2.5. Exploitation requires an Orion administrator account and access is via the custom menu item options page. Th...

CVSS 4.9, AI score 5.4, EPSS 0.0076
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2021/03/26 3:14 p.m., 21 views

CVE-2021-3109

The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account...

AI score 5.4, EPSS 0.0076
Exploits: 0, References: 2
Kitploit
added 2021/03/26 11:30 a.m., 205 views

Retoolkit - Reverse Engineer's Toolkit

This is a collection of tools you may like if you are interested in reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you'll have a folder on your desktop with shortcuts to RE tools like these: Why do I need it? You don't. Obviously, you can...

AI score 7.3
Exploits: 0, References: 4
0day.today
added 2021/03/26 12:00 a.m., 125 views

SAP Solution Manager 7.2 Remote Command Execution Exploit

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information abou...

CVSS 10, AI score 0.5, EPSS 0.98376
Exploits: 7
CNNVD
added 2021/03/26 12:00 a.m., 5 views

Solarwinds Orion Platform Security Vulnerability

SolarWinds Orion Platform is a comprehensive bandwidth performance management and fault management application that lets you view real-time statistics about your network directly from your Web browser. A reverse label phishing vulnerability exists in the Customize Menu Item Options page in...

CVSS 4.9, AI score 5.6, EPSS 0.0076
Exploits: 0, References: 3
Tenable Nessus
added 2021/03/26 12:00 a.m., 68 views

SolarWinds Orion Platform < 2020.2.5 Multiple Vulnerabilities

According to its self-reported version number, the version of SolarWinds Orion Platform is prior to 2020.2.5. It is, therefore, affected by multiple vulnerabilities: - A reverse tabnabbing and open redirect vulnerability was found in the custom menu item options page. This vulnerability requires ...

CVSS 4.9, AI score 6.8, EPSS 0.0076
Exploits: 0, References: 3
Fedora
added 2021/03/23 1:33 a.m., 59 views

[SECURITY] Fedora 33 Update: radare2-5.1.1-1.fc33

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

CVSS 7.5, AI score 0.4, EPSS 0.01819
Exploits: 2
Tenable Nessus
added 2021/03/23 12:00 a.m., 33 views

SAP NetWeaver AS JAVA Reverse Tabnabbing (2976947)

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. Note that Nessus has not tested for this issue but has instead...

CVSS 6.1, AI score 5.7, EPSS 0.00666
Exploits: 0, References: 3
Exploit DB
added 2021/03/22 12:00 a.m., 422 views

MyBB 1.8.25 - Chained Remote Command Execution

Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...

CVSS 8.8, AI score 7.5, EPSS 0.1059
Exploits: 10
Packet Storm
added 2021/03/22 12:00 a.m., 382 views

MyBB 1.8.25 Remote Command Execution

Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...

CVSS 4.3, AI score 7.5, EPSS 0.1059
Exploits: 10
Kitploit
added 2021/03/20 8:30 p.m., 335 views

Invoke-SocksProxy - Socks Proxy, And Reverse Socks Server Using Powershell

Creates a local or "reverse" Socks proxy using PowerShell. The local proxy is a simple Socks 4/5 proxy. The reverse proxy creates a TCP tunnel by initiating outbound SSL connections that can go through the system's proxy. The tunnel can then be used as a socks proxy on the remote host to pivot int...

AI score 7.2
Exploits: 0, References: 2