EUVD-2011-2157

Malware in sbrugna...

CVE-2012-10032

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/maxthonhistoryxcs.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

Watchguard XCS - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS Remote Command Execution', 'Description' = %q This module exploits two separate vulnerabilities found in the Watchgua...

Watchguard XCS - FixCorruptMail Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS FixCorruptMail Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the Watchguard...

Watchguard XCS FixCorruptMail Local Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called by root's crontab which can be exploited to run a command as root within 3 minutes. This module requires Metasploit: http://metasploit.com/download Current source:...

Watchguard XCS FixCorruptMail Local Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS FixCorruptMail Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the Watchguard...

Watchguard XCS Remote Command Execution Exploit

This Metasploit module exploits two separate vulnerabilities found in the Watchguard XCS virtual appliance to gain command execution. By exploiting an unauthenticated SQL injection, a remote attacker may insert a valid web user into the appliance database, and get access to the web interface. On...

Watchguard XCS Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Watchguard XCS Remote Command Execution', 'Description' = %q This module exploits two separate vulnerabilities found in the Watchgua...

Watchguard XCS FixCorruptMail Local Privilege Escalation

This module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called by root's crontab which can be exploited to run a command as root within 3 minutes. This module requires Metasploit: https://metasploit.com/download Current source:...

Watchguard XCS Remote Command Execution

This module exploits two separate vulnerabilities found in the Watchguard XCS virtual appliance to gain command execution. By exploiting an unauthenticated SQL injection, a remote attacker may insert a valid web user into the appliance database, and get access to the web interface. On the other...

Watchguard XCS Arbitrary Command Execution Vulnerability

Watchguard XCS is an all-in-one solution for protection against spam, viruses, corrupted websites, blended threats and cyber-attacks from WatchGuard USA. A security vulnerability exists in Watchguard XCS version 9.2 and build 150522 prior to version 10.0, which stems from the failure of the...

CVE-2015-5453

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl...

CVE-2015-5452

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3...

Code injection

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl...

Sql injection

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3...

CVE-2015-5452

WatchGuard XCS is affected. The CVE-2015-5452 issue is a SQL injection in WatchGuard XCS 9.2 and 10.0 prior to build 150522. The vulnerability can be triggered by crafting a request to borderpost/imp/compose.php3 that manipulates the sid cookie, allowing remote attackers to execute arbitrary SQL ...

CVE-2015-5453

CVE-2015-5453 affects WatchGuard XCS 9.2 and 10.0 before build 150522. The root cause is failure to filter shell metacharacters in the id parameter of ADMIN/mailqueue.spl, enabling a remote authenticated user to execute arbitrary commands. Public writeups confirm exploitable paths via web interfa...

CVE-2015-5452

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3...

CVE-2015-5453

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl...

Watchguard XCS 10.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Watchguard XCS Multiple Vulnerabilities Affected versions: Watchguard XCS =10.0 PDF: http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf +-----------+ |Description| +-----------+ The Watchguard XCS virtual...