Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

0day.today
0day.todayadded 2019/02/21 12:0 a.m.52 views

Nuuo Central Management SQL Injection Exploit

The Nuuo Central Management Server allows an authenticated user to query the state of the alarms. This functionality can be abused to inject SQL into the query. As SQL Server 2005 Express is installed by default, xpcmdshell can be enabled and abused to achieve code execution. This module will...

8.8CVSS0.6AI score0.66827EPSS
Exploits5
ATTACKERKB
ATTACKERKBadded 2018/11/27 12:0 a.m.23 views

Nuuo Central Management Server Authenticated SQL Server SQLi

Nuuo Central Management Server v3.3 and prior are vulnerable to an authenticated SQL injection vulnerability. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details Details from module documentation in Metasploit. The GETOPENALARM verb is used to obtain information about alar...

8.8CVSS9.1AI score0.66827EPSS
Exploits5References5
Packet Storm
Packet Stormadded 2011/10/04 12:0 a.m.34 views

CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection

$Id: catotaldefenseregeneratereports.rb 13810 2011-10-02 17:03:23Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS0.2AI score0.7727EPSS
Exploits12
securityvulns
securityvulnsadded 2011/09/20 12:0 a.m.133 views

Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit

?php / Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration Web Service getSubKeys Remote SQL Injection Exploit tested against: Microsoft Windows Server 2003 r2 sp2 Microsoft SQL Server 2005 Express download uri:...

8.8AI score
Exploits0
0day.today
0day.todayadded 2011/09/14 12:0 a.m.19 views

Nortel Contact Recording Centralized Archive 6.5.1 SQL Injection Exploit

Exploit for jsp platform in category web applications EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods availiable, as...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2011/02/14 12:0 a.m.101 views

VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition SQL Express distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to...

10CVSS7.9AI score0.92143EPSS
Exploits122References99
Rows per page
Query Builder