88 matches found
ownCloud: bug reporting template encourages users to paste config file with passwords
The dangerous bug reporting template ============================= The github bug reporting template for owncloud's server and some apps contains this: The content of config/config.php: If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your...
Nextcloud: bug reporting template encourages users to paste config file with passwords
The dangerous bug reporting template ============================= The github bug reporting template for nextcloud's server and some apps contains this: The content of config/config.php: If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your...
FireMon Immediate Insight Webinterface Detection
This script performs HTTP based detection of FireMon Immediate Insight Webinterface SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
Citrix Xenserver Web Detection
This script detects the Citrix Xenserver Webinterface SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Usable Privacy Box: UpriBox
The upribox software is used to create Raspberry Pi images to turn your Raspberry Pi into a privacy-enhancing Wireless router. See the official Raspberry Pi documentation for pointers on how to install the upribox image on the SD card. Upon the first boot the SSH/VPN keys are automatically...
Cisco Finesse Detection (HTTP)
HTTP based detection of Cisco Finesse. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.105624";...
WPN-XM Server Stack Multiple Vulnerabilities
WPN-XM Server Stack is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpnxmserverstack:wpnxm"...
Cisco Unified Communications Manager Webinterface Detection
Detection of Cisco Unified Communications Manager Webinterface. This script sends an HTTP GET request and tries to check the presence of Cisco Unified Communications Manager Webinterface from response. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a...
F5 Networks BIG-IQ Webinterface Default Credentials (HTTP)
The remote F5 BIG-IQ web interface is using known default credentials. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
JDownloader Webinterface Source Code Disclosure Vulnerability
No description provided by source. Exploit Title: JDownloader Webinterface Source Code Disclosure Date: 11/24/10 Author: Sil3ntDre4m Software Link: http://jdownloader.org Version: Latest 0.9.850 Tested on: Windows, Linux JDownloader WebInterface is vulnerable to a source code disclosure exploit t...
BNCwi <= 1.04 Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl BNCwi = 1.04 Local File Inclusion Vulnerability Script: BNCwi is a Open-Source webinterface for psyBN...
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
No description provided by source. Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Server = 3.6.0a...
Enigma2 Webinterface 1.7.x 1.6.x 1.5.x (linux) Remote File Disclosure
No description provided by source. !/usr/bin/perl Enigma2 Webinterface 1.7.x 1.6.x 1.5.x remote root file disclosure exploit Author: Todor Donev Email me: todor.donev@@gmail.com Platform: Linux Type: remote Gewgle Dork: Enigma2 movielist filetype:rss Enigma2 is a framebuffer-based zapping...
CVE-2012-1025
Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter...
CVE-2012-1024
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
Path traversal
Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter...
Directory traversal
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2012-1024
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2012-1025
CVE-2012-1025 is an absolute path traversal vulnerability in Enigma2 Webinterface, affecting versions 1.6.0–1.6.8, 1.6rc3, and 1.7.0. The issue allows a remote attacker to read arbitrary files by supplying a full pathname in the file parameter. Several sources (NVD, Red Hat entry, OpenVAS tests) ...
CVE-2012-1024
CVE-2012-1024 is a directory-traversal vulnerability in Enigma2 Webinterface (versions 1.5rc1 and 1.5beta4) where an attacker can read arbitrary files by supplying a .. in the file parameter. The issue enables information disclosure via the web interface and is reflected in multiple CVE/OpenVAS r...