GSX Analyzer 10.1211 - main.swf Hard-Coded Superadmin Credentials

GSX Analyzer 10.1211 - main.swf Hard-Coded Superadmin Credentials Exploit Title: GSX Analyzer hardcoded superadmin credentials in Main.swf Google Dork: inurl:"/Main.swf?cachebuster=" need to manually look for stringtitle "Loading GSX Analyzer ... 0%" Date: 12-07-16 Exploit Author: ndevnull Vendor...

up.time 7.5.0 Superadmin Privilege Escalation

up.time 7.5.0 Superadmin Privilege Escalation Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers from a privilege escalation issue. Normal user...

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower

SEC Consult Vulnerability Lab Security Advisory 20150113-1 ======================================================================= title: Privilege Escalation & XSS & Missing Authentication product: Ansible Tower vulnerable version: =2.0.2 fixed version: =2.0.5 impact: high homepage:...

fowlcms 1.1 (ab/lfi/su) Multiple Vulnerabilities

No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! --...

CVE-2014-0649

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180...

CVE-2010-4733

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a...

Default credentials

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a...

CVE-2010-4733

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a...

CVE-2010-4733

CVE-2010-4733 and related entries describe default-credential and remote-authenticated risks affecting Intellicom NetBiter NetSCADA WebSCADA components (WS100/WS200, EC150, MB100, SS100 on NB100/NB200). The root issue cited is default usernames/passwords allowing superadmin access via the web int...

IntelliCom NetBiter NB100 and NB200 platforms contain multiple vulnerabilities

Overview IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. Description IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. A user who has been authenticated at the superadmin level highest...

Intellicom NetBiter WebSCADA Vulnerabilities

OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data...

Fowl CMS 1.1 SQL Injection / LFI / Upload

------------------------------------------------------- MULTIPLE REMOTE VULNERABILITIES--FOWLCMS 1.1-- ------------------------------------------------------- ----------------- CMS INFORMATION: ----------------- --WEB: https://sourceforge.net/projects/fowlcms/ --DOWNLOAD:...

FOWLCMS 1.1--Multiple Remote Vulnerabilities-->

------------------------------------------------------- MULTIPLE REMOTE VULNERABILITIES--FOWLCMS 1.1-- ------------------------------------------------------- ----------------- CMS INFORMATION: ----------------- --WEB: https://sourceforge.net/projects/fowlcms/ --DOWNLOAD:...

NetHoteles 2.0/3.0 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. NetHoteles v3.0 Auth Bypass Remote Sql Injecion -=Dns-Team Marocain Hackers=- Author: Dns-Team Contact: Q2atHoTmaildotFr Site: www.Scam4u.com + www.Dns-Team.com Greetz: M4n1x + Sa4d + HSMX + Stack + PR0H4CK3RZ + N@bilX ---+-- Star --+--- Expl0!T -1- For SuperAdm...

NetHoteles 2.0/3.0 (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================ NetHoteles 2.0/3.0 Auth Bypass SQL Injection Vulnerability ============================================================ NetHoteles v3.0 Auth Bypass Remote Sql Injecion -=Dns-Team...

NetHoteles SQL Injection

NetHoteles v3.0 Auth Bypass Remote Sql Injecion -=Dns-Team Marocain Hackers=- Author: Dns-Team Contact: Q2atHoTmaildotFr Site: www.Scam4u.com + www.Dns-Team.com Greetz: M4n1x + Sa4d + HSMX + Stack + PR0H4CK3RZ + N@bilX ---+-- Star --+--- Expl0!T -1- For SuperAdmin : http://site.ir/superadmin...

NetHoteles 2.0/3.0 - Authentication Bypass

NetHoteles v3.0 Auth Bypass Remote Sql Injecion -=Dns-Team Marocain Hackers=- Author: Dns-Team Contact: Q2atHoTmaildotFr Site: www.Scam4u.com + www.Dns-Team.com Greetz: M4n1x + Sa4d + HSMX + Stack + PR0H4CK3RZ + N@bilX ---+-- Star --+--- Expl0!T -1- For SuperAdmin : http://site.ir/superadmin...

CVE-2008-0575

Cross-site request forgery CSRF vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action...

Webspell 4.01.02 2 Vulnerabilites

Webspell 4.01.02 2 Vulnerabilites Founded by NBBN Vendor: http://cms.webspell.org 1 Cross-Site Scripting Vulnerability 2 Change User Permission XSRF Vulnerability 1 http://site.tld/path/index.php?site=whoisonline&sort="xss code 2 This creates a superadmin account, when an admin click a link, to a...