85 matches found
Hardcoded credentials
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password...
CVE-2019-19033
CVE-2019-19033 affects Jalios JCMS 10. The webdav authentication can be bypassed via a backdoor account using any username and a hardcoded dev password, granting administrative access to the site and WebDAV server. The vulnerability stems from insecure handling in the DevTools plugin (DevToolsAut...
CVE-2019-19033
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password...
WebDAV Server Serving DLL
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Serve DLL via webdav server', 'Description' = %q This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module...
Apereo Bedework bw-webdav XML External Entity Injection Vulnerability
Apereo Bedework bw-webdav is a general purpose webdav server. It is primarily used to interact with the backend to access resources. A security vulnerability exists in Apereo Bedework bw-webdav versions prior to 4.0.3. An attacker can exploit this vulnerability to perform an XML external entity...
Microsoft Windows - Constrained Impersonation Capability Privilege Escalation Exploit
Exploit for windows platform in category local exploits Windows: Constrained Impersonation Capability EoP Platform: Windows 10 1703/1709 not tested earlier versions Class: Elevation of Privilege Summary: It’s possible to use the constrained impersonation capability added in Windows 10 to...
Microsoft Windows - Constrained Impersonation Capability Privilege Escalation
Windows: Constrained Impersonation Capability EoP Platform: Windows 10 1703/1709 not tested earlier versions Class: Elevation of Privilege Summary: It’s possible to use the constrained impersonation capability added in Windows 10 to impersonate a lowbox SYSTEM token leading to EoP. Description:...
Microsoft Office - OLE Remote Code Execution
Microsoft Office - OLE Remote Code Execution Source: https://github.com/embedi/CVE-2017-11882 CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882 Research:...
DavFS2: Local privilege escalation
Background DavFS2 is a file system driver that allows you to mount a WebDAV server as a local disk drive. Description DavFS2 installs “/usr/sbin/mount.davfs” as setuid root. This utility uses “system” to call “/sbin/modprobe”. While the call to “modprobe” itself cannot be manipulated, a local...
NVIDIA Driver - NvStreamKms PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback Local Privilege Escalation
NVIDIA Driver - NvStreamKms PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback Local Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=918 The NvStreamKms.sys driver calls PsSetCreateProcessNotifyRoutineEx to set up a process creation...
[SECURITY] Fedora 24 Update: davfs2-1.5.4-3.fc24
davfs2 is a Linux file system driver that allows you to mount a WebDAV serv er as a disk drive...
Milton Webdav Information Disclosure Vulnerability
Milton Webdav is an open source WebDAV server-side components developed by the Webdav community . A security vulnerability exists in Milton Webdav that could be exploited by remote attackers to obtain sensitive information...
Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Privilege Escalation
Source: https://code.google.com/p/google-security-research/issues/detail?id=222 Windows: Local WebDAV NTLM Reflection Elevation of Privilege Platform: Windows 8.1 Update, Windows 7 Class: Elevation of Privilege Summary: A default installation of Windows 7/8 can be made to perform a NTLM reflectio...
Internet Explorer Winhlp32.exe MsgBox Code Execution
No description provided by source. $Id: ms10022ievbscriptwinhlp32.rb 10504 2010-09-28 16:19:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GE Proficy CIMPLICITY gefebt.exe Remote Code Execution', 'Description' = %q This module abuses the gefebt.exe component in GE Proficy...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
This Metasploit module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICIY CimWebServer. The vulnerable component allows to execute remote BCL files in shared resources. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
This module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICIY CimWebServer. The vulnerable component allows to execute remote BCL files in shared resources. An attacker can abuse this behavior to execute a malicious BCL and drop an arbitrary EXE. The last o...
[SECURITY] Fedora 18 Update: davfs2-1.4.7-3.fc18
davfs2 is a Linux file system driver that allows you to mount a WebDAV serv er as a disk drive...
[SECURITY] Fedora 19 Update: davfs2-1.4.7-3.fc19
davfs2 is a Linux file system driver that allows you to mount a WebDAV serv er as a disk drive...
BlackBerry Link Multiple Vulnerabilities
The remote host has a version of BlackBerry Link installed that is prior to version 1.2.1.31. Such versions are affected by multiple vulnerabilities : - A WebDAV server that listens on an IPv6 address allows remote access to the host's file system. It may also be possible to utilize this...