10 matches found
CVE-2022-29731
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval', 'Description' = %q| This module identifies IPMI 2.0-compatible systems and attempts to retrie...
CVE-2022-29731
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...
CVE-2022-29731
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...
ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure
Exploit Title: ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062...
CVE-2020-35580
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBl...
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
This Metasploit module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the...
OpenEMR 4.1.1 Patch 14 - SQL Injection / Privilege Escalation / Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "OpenEMR 4.1.1 Pat...
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
This module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user, it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the "newcomprehensivesave.php"...
Important: Red Hat Security Advisory: httpd security update
Updated httpd packages that include a security fix for modssl and various enhancements are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An input filter bug in modssl was discovered in Apache httpd version 2.0.50 and earlier. A...