23 matches found
CentOS Control Web Panel 0.9.8.838 - User Enumeration
Exploit Title: CWP CentOS Control Web Panel 0.9.8.848 User Enumeration via HTTP Response Message Date: 15 July 2019 Exploit Author: Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage:...
CentOS Control Web Panel 0.9.8.836 - Authentication Bypass
Exploit Title: CWP CentOS Control Web Panel ||//...
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation
Exploit Title : KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation Date : 10/12/2018 Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage : https://www.kioware.com/ Tested on : Windows Server 2016 Standard x64 CVE : CVE-2018-18435 Description: ============ KioWa...
Moxa EDR-810 Server Agent Information Disclosure Vulnerability(CVE-2017-12128)
Summary An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. Tested Versions Moxa...
Trend Micro OfficeScan 11.0XG (12.0) - Memory Corruption
Trend Micro OfficeScan 11.0XG 12.0 - Memory Corruption + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14089-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-MEMORY-CORRUPTION.txt + ISR: ApparitionSec Vendor:...
Webmin 1.840 Cross Site Scripting
Vulnerability type: Reflected Cross Site Scripting ------------------------ Product: Webmin ------------------------ Affected version: Webmin 1.840 and possibly earlier ------------------------ Patched version: Webmin 1.850 ------------------------ Credit: Andy Tan ------------------------ CVE ID...
Mantis Bug Tracker 1.3.10/2.3.0 - Cross-Site Request Forgery
Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-CSRF-PERMALINK-INJECTION.txt + ISR: ApparitionSec Vendor: ================ www.mantisbt.org Product: ========= Mantis Bug Tracker 1.3.10 / v2.3.0 MantisBT...
Alienvault OSSIM/USM 5.3.1 - PHP Object Injection
Details ======= Product: Alienvault OSSIM/USM Vulnerability: PHP Object Injection Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-8580 Vulnerable Versions: =5.3.1 Fixed Version: 5.3.2 Vulnerability Details ===================== A PHP object injection vulnerability exists in multiple widget...
Piwigo 2.7.3 - SQL Injection
CVE-2015-1517 Piwigo - SQL Injection in Version 2.7.3 ---------------------------------------------------------------- Product Information: Software: Piwigo Tested Version: 2.7.3, released on 9 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link:...
posnic stock management system 1.02 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Posnic Stock Management System 1.02 Multiple Vulnerabilities Date: 26 Sep 2013 Vendor Homepage: http://www.posnic.com Software Link: http://sourceforge.net/projects/stockmanagement/?source=directory Version: 1.02 Tested on: Win 7/Backtrack CVE :...
Posnic Stock Management System 1.02 - Multiple Vulnerabilities
Exploit Title: Posnic Stock Management System 1.02 Multiple Vulnerabilities Date: 26 Sep 2013 Vendor Homepage: http://www.posnic.com Software Link: http://sourceforge.net/projects/stockmanagement/?source=directory Version: 1.02 Tested on: Win 7/Backtrack CVE : Exploit Author: Sarahma Security...
eM Client 5.0.18025.0 Cross Site Scripting
#!/usr/bin/python ''' Author: loneferret of Offensive Security Date: 22-08-2013 Product: eM Client for Windows Version: 5.0.18025.0 previous versions and other platforms may be vulnerable Vendor Site: http://www.emclient.com/ Software Download: http://www.emclient.com/download Tested on: Windows X...
FOOT Gestion CMS SQL Injection Vulnerability
FOOT Gestion CMS suffers from a remote SQL injection vulnerability. Product: FOOT Gestion Version: - Vendor: Winsoft Vendor site: http://www.footgestion.ch Status: fixed Level: High ========= Description ========= FOOT Gestion is a soccer team management CMS. The solution is based on a software an...
ManageEngine ServiceDesk Plus 8.1 - Persistent Cross-Site Scripting
#!/usr/bin/python ''' Author: loneferret of Offensive Security Product: ManageEngine Service Desk Plus Windows standard Version: 8.1 Vendor Site: http://www.manageengine.com Software Download:...
GLPI 0.83.2 Cross Site Request Forgery
Hi, This is regarding multiple CSRF Cross Site Request Forgery Vulnerabilities in GLPI Version 0.83.2. The following is the disclosure document: Title: Multiple CSRF Vulnerabilities in GLPI Version 0.83.2 ------------------------------------------------------------------------...
Android FTPServer 1.9.0 Denial Of Service
Exploit Title: Android FTPServer 1.9.0 Remote DoS Date: 03/20/12 Author: G13 Twitter: @g13net Software Site: https://sites.google.com/site/andreasliebigapps/ftpserver/ Download Link: http://www.g13net.com/ftpserver.apk Version: 1.9.0 Category: DoS android Vulnerability FTPServer is vulnerable to ...
Android FTPServer 1.9.0 - Remote Denial of Service
Exploit Title: Android FTPServer 1.9.0 Remote DoS Date: 03/20/12 Author: G13 Twitter: @g13net Software Site: https://sites.google.com/site/andreasliebigapps/ftpserver/ Download Link: http://www.g13net.com/ftpserver.apk Version: 1.9.0 Category: Do...
RazorCMS 1.2 - Directory Traversal
Exploit Title: razorCMS 1.2 Path Traversal Google Dork: "Powered by razorCMS" Date: January 10, 2012 Author: chap0 Software Link: http://www.razorcms.co.uk/archive/core/ Version: 1.2 Tested on: Ubuntu Patch: Upgrade to latest release 1.2.1 Greetz To: RazorCMS is...
WordPress UPM-POLLS 1.0.4 Blind SQL Injection
Exploit Title: BLIND SQL injection UPM-POLLS wordpress plugin 1.0.4 Google Dork: n/a Date: 04-12-2011 Author: Saif El-Sherei Software Link: http://downloads.wordpress.org/plugin/upm-polls.1.0.4.zip Version: 1.0.4 Tested on: wordpress 3.2.1,Firefox 4, XAMPP Info: Best Plugin to create Polls for yo...
POSH - Multiple Vulnerabilities
Exploit Title: POSH <= 3.1.1 Multiple Vulnerabilities Date: 10/10/2011 Author: CrashFr Software Link: http://sourceforge.net/projects/posh/ Version: 3.1.1 Tested on: Linux //----- Advisory Program : POSH 3.1.1 and prior Vendor : www.portaneo.com Homepage : http://sourceforge.net/projects/posh/...