TIK-SOFT多款产品 信任管理问题漏洞

TIK-SOFT Finka-FK is a product of the Polish company TIK-SOFT. TIK-SOFT Finka-FK is a financial accounting software. TIK-SOFT Finka-KPR is a financial management software. TIK-SOFT Finka-Płace is a human resources and payroll management software. Several TIK-SOFT products have vulnerabilities...

CVE-2023-35830

STW aka Sensor-Technik Wiedemann TCG-4 Connectivity Module DeploymentPackagev3.03r0-Impala and DeploymentPackagev3.04r2-Jellyfish and TCG-4lite Connectivity Module DeploymentPackagev3.04r2-Jellyfish allow an attacker to gain full remote access with root privileges without the need for...

Remote code execution

STW aka Sensor-Technik Wiedemann TCG-4 Connectivity Module DeploymentPackagev3.03r0-Impala and DeploymentPackagev3.04r2-Jellyfish and TCG-4lite Connectivity Module DeploymentPackagev3.04r2-Jellyfish allow an attacker to gain full remote access with root privileges without the need for...

CVE-2023-35830

STW aka Sensor-Technik Wiedemann TCG-4 Connectivity Module DeploymentPackagev3.03r0-Impala and DeploymentPackagev3.04r2-Jellyfish and TCG-4lite Connectivity Module DeploymentPackagev3.04r2-Jellyfish allow an attacker to gain full remote access with root privileges without the need for...

CVE-2023-35830

STW aka Sensor-Technik Wiedemann TCG-4 Connectivity Module DeploymentPackagev3.03r0-Impala and DeploymentPackagev3.04r2-Jellyfish and TCG-4lite Connectivity Module DeploymentPackagev3.04r2-Jellyfish allow an attacker to gain full remote access with root privileges without the need for...

CVE-2023-35830

STW TCG-4 Connectivity Module (DeploymentPackage_v3.03r0-Impala, DeploymentPackage_v3.04r2-Jellyfish) and TCG-4lite Connectivity Module (DeploymentPackage_v3.04r2-Jellyfish) contain a vulnerability that allows an attacker to gain full remote access with root privileges without authentication, ena...

stw-italy.jp Cross Site Scripting vulnerability OBB-3408782

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

stw-italy.jp Cross Site Scripting vulnerability OBB-3391050

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

stw-italy.jp Cross Site Scripting vulnerability OBB-3171116

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

stw-italy.jp Cross Site Scripting vulnerability OBB-3150594

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

stw-muenster.de Cross Site Scripting vulnerability OBB-1300149

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

stw-ma.de XSS vulnerability

Open Bug Bounty ID: OBB-641139 Description| Value ---|--- Affected Website:| stw-ma.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

stw-muenster.de XSS vulnerability

Vulnerable URL: https://www.stw-muenster.de/de/?s=%22%2F%3E%27%3E%22%3EI%3Ci%3EI%3Csvg%2Fonload%3Dalert%28%2Fopenbugbounty%2F%29%3Ewpcron=1505056806.0102279186248779296875 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 09.12.2017 Vulnerability type:| XSS Vulnerability...

Linux Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 183 include Msf::Payload::Single include Msf::Payload::Linux::Ppc::Prepends inclu...