Showing 1 - 2 of 2

Files from sghctoma

Visual Mining NetCharts Server Remote Code Execution: Posted Nov 7, 2014; Authored by juan vazquez, sghctoma | Site metasploit.com; This Metasploit module exploits multiple vulnerabilities in Visual Mining NetCharts. First, a lack of input validation in the administration console permits arbitrary jsp code upload to locations accessible later through the web service. Authentication is typically required, however a 'hidden' user is available by default (and non editable). This user, named 'Scheduler', can only login to the console after any modification in the user database (a user is added, admin password is changed etc). If the 'Scheduler' user isn't available valid credentials must be supplied. The default Admin password is Admin.; tags | exploit, web, arbitrary, vulnerability; advisories | CVE-2014-8516; SHA-256 | 8a3b765845b48b56bd638e90b38b71b9b937f492e8f972a8b7552ad9f1f4c4ec; Download | Favorite | View

D-Link DNS-323 File Upload / Traversal / Command Execution: Posted May 2, 2013; Authored by sghctoma; D-Link DNS-323 suffers from remote arbitrary file upload, directory traversal, and command execution vulnerabilities.; tags | exploit, remote, arbitrary, vulnerability, file inclusion, file upload; SHA-256 | 73e321a17a925589691872d4a616ae300aabc4641e22fad215bbb2024c010d77; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days