11 matches found
EUVD-2015-7811
Malware in sbrugna...
CVE-2024-12700 Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type
There is an unrestricted file upload vulnerability where it is possible for an authenticated user low privileged to upload an jsp shell and execute code with the privileges of user running the web server...
CVE-2024-12700
CVE-2024-12700 relates to Tibbo AggreGate Network Manager. The provided documents identify an unrestricted file upload vulnerability in the UploaderTempFileController (Tibbo Aggregate Network Manager) that allows an authenticated, low-privileged user to upload a JSP shell and execute arbitrary co...
CVE-2024-12700 Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type
There is an unrestricted file upload vulnerability where it is possible for an authenticated user low privileged to upload an jsp shell and execute code with the privileges of user running the web server...
CVE-2015-7913
agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class...
CVE-2015-7912
The Ice Faces servlet in agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document...
Code injection
The Ice Faces servlet in agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document...
CVE-2015-7912
The Ice Faces servlet in agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document...
CVE-2015-7913
agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class...
CVE-2015-7913
CVE-2015-7913 affects Tibbo AggreGate Platform (ag_server_service.exe) prior to version 5.30.06. A local attacker can publish arbitrary Java classes via the Apache Axis AdminService deployment method, enabling code execution with SYSTEM privileges. Mitigation: update to AggreGate Platform 5.30.06...
KLA10705 Code execution vulnerabilities in Tibbo AggreGate.
Successful exploitation of the identified vulnerabilities may allow an attacker to execute arbitrary code and commands. 1. Unknown vulnerability at Ice Faces servlet allows remote attackers to upload and execute arbitrary Java code via a specially designed XML document; 2. Unknown vulnerability...