Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Saint
Saintadded 2012/04/27 12:0 a.m.31 views

LANDesk ThinkManagement Suite ServerSetup.asmx Directory Traversal

Added: 04/27/2012 CVE: CVE-2012-1195 BID: 52023 OSVDB: 79276 Background LANDesk Lenovo ThinkManagement Console provides hardware discovery, comprehensive inventory, and reporting for Lenovo systems. Problem LANDesk Lenovo ThinkManagement Console runs a web application under the Microsoft IIS web...

7.5CVSS6.2AI score0.86542EPSS
Exploits11
Tenable Nessus
Tenable Nessusadded 2012/04/10 12:0 a.m.37 views

Lenovo ThinkManagement Console RunAMTCommand Operation -PutUpdateFileCore Command Parsing Arbitrary File Upload

The version of Lenovo ThinkManagement Console hosted on the remote web server contains a flaw in the 'ServerSetup.asmx' script that allows a remote, unauthenticated attacker to upload and run arbitrary ASP scripts with the privileges of the web user. In addition, this version of Lenovo...

7.5CVSS5.4AI score0.86542EPSS
Exploits11References2
NVD
NVDadded 2012/02/18 12:55 a.m.9 views

CVE-2012-1196

Directory traversal vulnerability in the VulCore web service WSVulnerabilityCore/VulCore.asmx in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. dot dot in the filename parameter in a SetTaskLogByFile SOAP request...

5CVSS6.7AI score0.7739EPSS
Exploits5References5
Prion
Prionadded 2012/02/18 12:55 a.m.10 views

Directory traversal

Directory traversal vulnerability in the VulCore web service WSVulnerabilityCore/VulCore.asmx in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. dot dot in the filename parameter in a SetTaskLogByFile SOAP request...

5CVSS7.2AI score0.7739EPSS
Exploits5References5Affected Software1
Prion
Prionadded 2012/02/18 12:55 a.m.15 views

Unrestricted file upload

Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore...

7.5CVSS8.2AI score0.86542EPSS
Exploits11References5Affected Software1
CVE
CVEadded 2012/02/18 12:0 a.m.133 views

CVE-2012-1195

CVE-2012-1195 affects Lenovo ThinkManagement Console 9.0.3. The flaw is in ServerSetup.asmx under the landesk/managementsuite/core/core.anonymous/ path, where RunAMTCommand with -PutUpdateFileCore enables an unauthenticated remote attacker to upload an ASP payload and access it in the web root, l...

7.5CVSS7.7AI score0.86542EPSS
Exploits11References5Affected Software1
Cvelist
Cvelistadded 2012/02/18 12:0 a.m.15 views

CVE-2012-1196

Directory traversal vulnerability in the VulCore web service WSVulnerabilityCore/VulCore.asmx in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. dot dot in the filename parameter in a SetTaskLogByFile SOAP request...

6.7AI score0.7739EPSS
Exploits5References5
Rows per page
Query Builder