34 matches found
EUVD-2011-2157
Malware in sbrugna...
CVE-2012-10032
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/maxthonhistoryxcs.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Watchguard XCS - FixCorruptMail Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS FixCorruptMail Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the Watchguard...
Watchguard XCS - Remote Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS Remote Command Execution', 'Description' = %q This module exploits two separate vulnerabilities found in the Watchgua...
Watchguard XCS FixCorruptMail Local Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS FixCorruptMail Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the Watchguard...
Watchguard XCS Remote Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS Remote Command Execution', 'Description' = %q This module exploits two separate vulnerabilities found in the Watchgua...
Watchguard XCS FixCorruptMail Local Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called by root's crontab which can be exploited to run a command as root within 3 minutes. This module requires Metasploit: http://metasploit.com/download Current source:...
Watchguard XCS Remote Command Execution Exploit
This Metasploit module exploits two separate vulnerabilities found in the Watchguard XCS virtual appliance to gain command execution. By exploiting an unauthenticated SQL injection, a remote attacker may insert a valid web user into the appliance database, and get access to the web interface. On...
Watchguard XCS FixCorruptMail Local Privilege Escalation
This module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called by root's crontab which can be exploited to run a command as root within 3 minutes. This module requires Metasploit: https://metasploit.com/download Current source:...
Watchguard XCS Remote Command Execution
This module exploits two separate vulnerabilities found in the Watchguard XCS virtual appliance to gain command execution. By exploiting an unauthenticated SQL injection, a remote attacker may insert a valid web user into the appliance database, and get access to the web interface. On the other...
Watchguard XCS Arbitrary Command Execution Vulnerability
Watchguard XCS is an all-in-one solution for protection against spam, viruses, corrupted websites, blended threats and cyber-attacks from WatchGuard USA. A security vulnerability exists in Watchguard XCS version 9.2 and build 150522 prior to version 10.0, which stems from the failure of the...
CVE-2015-5453
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl...
CVE-2015-5452
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3...
Code injection
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl...
Sql injection
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3...
CVE-2015-5453
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl...
CVE-2015-5452
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3...
CVE-2015-5453
CVE-2015-5453 affects WatchGuard XCS 9.2 and 10.0 before build 150522. The root cause is failure to filter shell metacharacters in the id parameter of ADMIN/mailqueue.spl, enabling a remote authenticated user to execute arbitrary commands. Public writeups confirm exploitable paths via web interfa...
CVE-2015-5452
WatchGuard XCS is affected. The CVE-2015-5452 issue is a SQL injection in WatchGuard XCS 9.2 and 10.0 prior to build 150522. The vulnerability can be triggered by crafting a request to borderpost/imp/compose.php3 that manipulates the sid cookie, allowing remote attackers to execute arbitrary SQL ...
Watchguard XCS 10.0 - Multiple Vulnerabilities
Exploit for php platform in category web applications Watchguard XCS Multiple Vulnerabilities Affected versions: Watchguard XCS =10.0 PDF: http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf +-----------+ |Description| +-----------+ The Watchguard XCS virtual...