IBM Cognos Analytics 代码注入漏洞

A remote code execution vulnerability exists in IBM Cognos Analytics version 11.1.7, 11.2.0, a suite of business intelligence software from IBM Corporation that provides valuable information, secure data governance, and reporting. The vulnerability stems from incorrect neutralization of...

Landray EKP 跨站脚本漏洞

Landray EKP is an office automation solution that enables companies to easily model and manage... A cross-site scripting vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 could allow an attacker to execute arbitrary web script or HTML via a crafted...

PT-2021-2238 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions prior to 3.10.1 Moodle versions prior to 3.9.4 Moodle versions prior to 3.8.7 Moodle versions prior to 3.5.16 Description: The issue is related to the implementation of Shibboleth authentication technology in Moodle, which is...

Microsoft SharePoint SSI / ViewState Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SharePoint Server-Side Include and ViewState RCE', 'Description' = %q This module exploits a server-side include SSI in SharePoint to...

SRC-2020-0022 : Microsoft SharePoint Server DataFormWebPart CreateChildControls Server-Side Include Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the DataFormWebPart class. The issue results from the lack of prope...

Privilege Escalation

The Apache HTTP Server is vulnerable to Privilege Escalation. A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a...

tomcat: XSS in SSI printenv

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a...

tomcat: XSS in SSI printenv

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a...

tomcat: XSS in SSI printenv

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a...

PT-2019-4683 · Apache +3 · Apache Tomcat +3

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.93 Apache Tomcat versions 8.5.0 through 8.5.39 Apache Tomcat versions 9.0.0.M1 through 9.0.0.17 Description: The issue is related to the SSI printenv command in Apache Tomcat, which echoes user-provide...

U.S. Dept Of Defense: Server-side include injection vulnerability in a DoD website

A Department of Defense website was vulnerable to a Server-Side Include Injection attack which could have allowed an attacker to inject code into HTML pages or, under some circumstances, perform remote code execution. @jutsuce was as able to demonstrate this vulnerability by crafting a specially...

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...

Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String

Exploit for multiple platform in category remote exploits !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following characteristic: - Heap Based...

Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String

!/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following characteristic: - Heap Based Exploiting string located on the heap - Blind Attack No output...

UBUNTU-CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

Matt Wright guestbook.pl Arbitrary Command Execution

No description provided by source. $Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5847/info Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code. Attacker-supplied HTML...

Abe Timmerman zml.cgi File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3759/info zml.cgi is a perl script which can be used to support server side include directives under Apache. It recognizes a simple set of commands, and allows access to cgi parameters and environment variables. It can ru...

E-Guest 1.1 Server Side Include Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5129/info E-Guest guest book is a freely available, open source guest book. It is designed for Unix and Linux operating systems. E-Guest does not adequately sanitize user-supplied input in guest book entries. Because of...

ssi

This plugin finds server side include SSI vulnerabilities. Plugin type Audit Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood: Plugin source...