Vehicle Sales Management System XSS / Shell Upload / SQL Injection

Exploit Title: VSMS Multiple Vulnerabilities Google Dork: N/A Date: 16-3-2018 Exploit Author: Sing Vendor Homepage: https://sourceforge.net/projects/vsms-php/?source=typredirect Software Link: https://sourceforge.net/projects/vsms-php/?source=typredirect Version: 07/2017 possible v1.2 Tested on:...

[security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04626974 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04626974 Version: 1 HPSBGN03308 rev....

CVE-2015-2117

HP TippingPoint Security Management System SMS and TippingPoint Virtual Security Management System vSMS before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by 1 uploading this code within an archiv...

Authentication flaw

HP TippingPoint Security Management System SMS and TippingPoint Virtual Security Management System vSMS before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by 1 uploading this code within an archiv...

CVE-2015-2117

HP TippingPoint Security Management System SMS and TippingPoint Virtual Security Management System vSMS before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by 1 uploading this code within an archiv...

CVE-2015-2117

HP TippingPoint SMS/vSMS are affected by CVE-2015-2117 due to a JBoss RMI vulnerability exposed without authentication, enabling remote code execution. Affected: SMS/vSMS before 4.1 patch 3 and 4.2 patch 1. Attack surface includes RMI on TCP port 4444; exploitation can upload arbitrary code or in...

HP TippingPoint SMS and vSMS JBoss RMI Remote Code Execution Vulnerabilty

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP TippingPoint SMS and vSMS. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Method Invocation RMI component which is exposed on TCP ports 4444...