Apple TV app 安全漏洞

Apple TV app is a television application from Apple, Inc. A security vulnerability exists in the Apple TV app for Fire OS versions prior to 6.1.0.6A142:7.1.0, which can be exploited by an attacker with file system access to modify scripts used by the app...

CVE-2021-32464

An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execu...

CVE-2021-32464

An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execu...

Privilege escalation

An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execu...

CVE-2021-32464

An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execu...

Exploit for Deserialization of Untrusted Data in Apache Ofbiz

CVE-2020-9496 Because the 2 xmlrpc related requets in webtools...

CVE-2020-28909

Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by sudo...

Moxa MXView Local Elevation of Privilege Vulnerability

Moxa MXview is a network management software for monitoring and diagnosing industrial networks. A local elevation of privilege vulnerability exists in the file system permissions of Moxa MXView series 3.1.8. An attacker can exploit the elevation of privilege by adding code to a script or replacin...

CVE-2020-13537

An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT SYSTEM authority us...

CVE-2020-11753

An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or API. NOTE: in 3.22.0, scripting is disabled by default making this not...

ManageEngine Desktop Central <= 10.0.184 Multiple Vulnerabilities

ManageEngine Desktop Central is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Directory traversal

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPTNAME field when modifying existing scripts...

CVE-2018-5337

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPTNAME field when modifying existing scripts...

Form Mail Script Formmail.inc.php File Inclusion (CVE-2005-0678)

A PHP remote file inclusion vulnerability has been reported in Form Mail Script. A remote attacker could trigger this flaw by executing an arbitrary PHP code after modifying the scriptroot to reference a URL on a remote web server that contains the code...

Opera 9.50, 9.61 historysearch - Command Execution

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ requir...

Design/Logic Flaw

The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to bypass intended access restrictions and create, modify, or delete documents or scripts via unspecified vectors...

Short Password Reset code vulnerability allows hackers to brute-force many websites

Yesterday we received a vulnerability report in web applications from some unknown Indian Hacker, who explained that how Hackers are hijacking Mobile recharge and Free SMS service related websites. He detailed the loophole in password reset process, that could allow attackers to brute force many...

Cisco Unified Communications Manager Privilege Escalation Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM could allow an authenticated, local attacker to elevate privileges on the system. The vulnerability is due to improper file permissions, environment variables, and relative paths in a privileged system script. An attacker could...

Heiner personal blog system backend authentication bypass vulnerability and fix-vulnerability warning-the black bar safety net

Software description HeinerHituxpersonal blog by the system to build your blog or personal website will be a breeze. Does not need to have how Professional web design knowledge, without the need for the program there are many familiar, only the download Heiner personal blog source code uploaded t...

PowerSploit

This project is no longer supported PowerSploit is a col...