This Metasploit module exploits a vulnerability found in Cisco Prime Infrastructure. The issue is that the TarArchive Java class the HA Health Monitor component uses does not check for any directory traversals while unpacking a Tar file, which can be abused by a remote user to leverage the UploadServlet class to upload a JSP payload […]
Cisco Prime Infrastructure – Runrshell Privilege Escalation (Metasploit)
Tags:
0day,
remote exploit
Cisco Prime Infrastructure Health Monitor – TarArchive Directory Traversal (Metasploit)
Tags:
0day,
remote exploit
Linux – Use-After-Free via race Between modify_ldt() and #BR Exception
Tags:
0day,
remote exploit
BlogEngine.NET 3.3.6/3.3.7 – XML External Entity Injection
Tags:
0day,
remote exploit
WebERP 4.15 – SQL injection
Tags:
0day,
remote exploit
Tuneclone 2.20 – Local SEH Buffer Overflow
Tags:
0day,
remote exploit
Serv-U FTP Server version 15.1.6 suffers from a local privilege escalation vulnerability.
Sahi Pro versions 7.x and 8.x suffer from a directory traversal vulnerability.
Sahi Pro version 8.x suffers from a remote SQL injection vulnerability.