Lucene search
+L

107 matches found

Packet Storm
Packet Storm
added 2017/03/31 12:0 a.m.29 views

mapr Information Disclosure

Hello, The mapr web frontend component creates an information disclosure vulnerability. During the setup of mapr the configure.sh script calls a function ConfigureWSRole: function ConfigureWSRole if $clientOnly -eq 0 -a $dontChangeSecurityPermissionsOn -eq 0 ; then ConfigureRunUserForWS fi This...

7.4AI score
Exploits0
Debian
Debian
added 2017/03/05 9:30 p.m.55 views

[SECURITY] [DSA 3802-1] zabbix security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3802-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 05, 2017 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.83284EPSS
Exploits24
CNVD
CNVD
added 2017/02/21 12:0 a.m.4 views

Unrestricted SQL Injection Vulnerability in Frontend of iWebSNS Enterprise Social Networking Platform

iWebSNS is a set of open source SNS social networking software built on LAMP development. iWebSNS enterprise social networking platform front-end there are unlimited SQL injection vulnerabilities. As the source code servtools\menupop\translatepri.php tname, vid and tem variables failed to strictl...

8.2AI score
Exploits0
Kitploit
Kitploit
added 2017/02/12 2:30 p.m.99 views

MTR - A Network Diagnostic Tool

MTR combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool. As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the...

7.1AI score
Exploits0References1
Debian
Debian
added 2016/04/07 5:14 p.m.57 views

[SECURITY] [DSA 3545-1] cgit security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3545-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq -...

7.5CVSS2.2AI score0.03791EPSS
Exploits1
OSV
OSV
added 2016/04/07 12:0 a.m.21 views

DSA-3545-1 cgit - security update

Bulletin has no description...

9.8CVSS5.4AI score0.03791EPSS
Exploits1
seebug.org
seebug.org
added 2015/09/01 12:0 a.m.38 views

Ganglia Web Frontend < 3.5.1 - PHP Code Execution

Assuming that ganglia is installed on the target machine at this path:/var/www/html/ganglia/ 2. Assuming the attacker has minimal access to the target machine and can write to "/tmp". There are several methods where a remote attacker can also trigger daemons or other system processes to create...

7.5CVSS6.3AI score0.09944EPSS
Exploits5
exploitpack
exploitpack
added 2015/08/31 12:0 a.m.27 views

Ganglia Web Frontend 3.5.1 - PHP Code Execution

Ganglia Web Frontend 3.5.1 - PHP Code Execution...

7.5CVSS0.6AI score0.09944EPSS
Exploits5
0day.today
0day.today
added 2015/08/31 12:0 a.m.69 views

Ganglia Web Frontend < 3.5.1 - PHP Code Execution Exploit

Exploit for php platform in category web applications ?php / Author : Andrei Costin andrei theATsign firmware theDOTsign re Desc : CVE-2012-3448 PoC Details : This PoC will create a dummy file in the /tmp folder and will copy /etc/passwd to /tmp. To modify the attack payload, modify the code...

7.5CVSS0.09944EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/08/31 12:0 a.m.38 views

Ganglia Web Frontend PHP Code Execution

...

7.5CVSS0.6AI score0.09944EPSS
Exploits5
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.125 views

[SECURITY] [DSA 2970-1] cacti security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2970-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2014 http://www.debian.org/security/faq -...

7.5CVSS1.5AI score0.04957EPSS
Exploits4
Debian
Debian
added 2014/07/15 7:36 a.m.34 views

cacti security update

Package : cacti Version : 0.8.7g-1+squeeze4 CVE ID : CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 CVE-2014-2708 CVE-2014-2709 CVE-2014-4002 Debian Bug : 742768 743565 752573 Multiple security issues cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising have been...

7.5CVSS2.8AI score0.04957EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/06/28 12:0 a.m.31 views

Debian: Security Advisory (DSA-2970-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.04957EPSS
Exploits4References3
Metasploit
Metasploit
added 2013/05/15 2:2 p.m.66 views

Mutiny 5 Arbitrary File Read and Delete

This module exploits the EditDocument servlet from the frontend on the Mutiny 5 appliance. The EditDocument servlet provides file operations, such as copy and delete, which are affected by a directory traversal vulnerability. Because of this, any authenticated frontend user can read and delete...

8.5CVSS6.3AI score0.40338EPSS
Exploits8
Kitploit
Kitploit
added 2013/04/11 1:14 p.m.15 views

[SAMHAIN v3.0.11 & BELTANE v2.4.6] Host-based intrusion detection system (HIDS)

The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2012/08/13 12:0 a.m.20 views

Ganglia Detection (HTTP)

HTTP based detection of Ganglia. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.103534";...

7.4AI score
Exploits0References1
Packet Storm
Packet Storm
added 2012/02/24 12:0 a.m.32 views

phpDenora 1.4.6 SQL Injection

Title : phpDenora = 1.4.6 Multiple SQL Injection Vulnerabilities Author : P. de Brouwer - KnickLighter @knickz0r NLSecurity - www.nlsecurity.org [email protected] Dork : intext:"Powered by phpDenora" Software : phpDenora = 1.4.6 http://sourceforge.net/projects/phpdenora/files/phpDenora/1.4.6/...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2012/02/23 12:0 a.m.27 views

phpDenora 1.4.6 - Multiple SQL Injections

Title : phpDenora = 1.4.6 Multiple SQL Injection Vulnerabilities Author : P. de Brouwer - KnickLighter @knickz0r NLSecurity - www.nlsecurity.org [email protected] Dork : intext:"Powered by phpDenora" Software : phpDenora = 1.4.6 http://sourceforge.net/projects/phpdenora/files/phpDenora/1.4.6/...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2011/07/29 12:0 a.m.24 views

Citrix XenApp / XenDesktop Stack-Based Buffer Overflow

No description provided by source. n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.001 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Stack-Based Buffer...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/08/23 12:0 a.m.28 views

Debian DSA-2092-1 : lxr-cvs - missing input sanitizing

Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

4.3CVSS5.1AI score0.03221EPSS
Exploits0References8
Rows per page
Query Builder