18 matches found
EUVD-2018-2160
Malware in sbrugna...
EUVD-2018-2161
Malware in sbrugna...
Geist WatchDog Console XML External Entity Injection Vulnerability
Geist WatchDog Console is a suite of environmental monitoring software from Geist USA. An XML external entity injection vulnerability exists in Geist WatchDog Console version 3.2.2. A remote attacker can exploit this vulnerability to read arbitrary files with specially crafted XML data...
Geist WatchDog Console Insecure File Permission Vulnerability
Geist WatchDog Console is a suite of environmental monitoring software from Geist USA. A security vulnerability exists in Geist WatchDog Console version 3.2.2 that stems from the program's use of weak access control lists for the C:ProgramDataWatchDog Console directory. A local attacker can explo...
Cross site scripting
Cross-site scripting XSS vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description...
CVE-2018-10079
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating 1 config.xml or 2 servers.xml...
CVE-2018-10078
Cross-site scripting XSS vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description...
Xxe
XML external entity XXE vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data...
CVE-2018-10079
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating 1 config.xml or 2 servers.xml...
CVE-2018-10079
Geist WatchDog Console 3.2.2 CVE-2018-10079: a weak ACL on C:\ProgramData\WatchDog Console allows a local attacker to modify configuration data by updating config.xml or servers.xml. Root cause is insecure file permissions in the data directory. Impact is limited to local modification of configur...
CVE-2018-10078
Geist WatchDog Console 3.2.2 is affected by CVE-2018-10078, a cross-site scripting (XSS) vulnerability that lets remote authenticated administrators inject arbitrary web script or HTML via the server description. The known context, per the CVE entry, identifies the affected software as Geist Watc...
CVE-2018-10078
Cross-site scripting XSS vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description...
CVE-2018-10077
Geist WatchDog Console 3.2.2 is affected by an XML External Entity (XXE) vulnerability that allows a remote authenticated administrator to read arbitrary files via crafted XML data. The issue is documented across multiple sources (e.g., NVD entry CVE-2018-10077, CNVD-2018-09907) and specifically ...
CVE-2018-10079
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating 1 config.xml or 2 servers.xml...
CVE-2018-10077
XML external entity XXE vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data...
Geist WatchDog Console 3.2.2 XSS / XML Injection / Insecure Permissions
Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage: http://www.itwatchdogs.com/ Version: 3.2.2 Software Link:...
Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities
Exploit for multiple platform in category web applications Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage:...
Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities
Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage: http://www.itwatchdogs.com/ Version: 3.2.2 Software Link:...