#ExploitObserverAlert
WLB-2024030019
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030019. Akaunting 3.1.3 Remote Command Execution.
WLB-2024030019
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030019. Akaunting 3.1.3 Remote Command Execution.
#ExploitObserverAlert
WLB-2024030022
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030022. Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read.
WLB-2024030022
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030022. Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read.
#ExploitObserverAlert
EDB-51873
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51873. Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
EDB-51873
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51873. Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
#ExploitObserverAlert
WLB-2024030025
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030025. TP-Link TL-WR740N Buffer Overflow / Denial Of Service.
WLB-2024030025
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030025. TP-Link TL-WR740N Buffer Overflow / Denial Of Service.
#ExploitObserverAlert
PD/http/cves/2023/CVE-2023-43187
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-43187. A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.
PD/http/cves/2023/CVE-2023-43187
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-43187. A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.
#ExploitObserverAlert
MSF/auxiliary_gather/minio_bootstrap_verify_info_disc
DESCRIPTION: Exploit Observer has 62 entries in 13 file formats related to MSF/auxiliary_gather/minio_bootstrap_verify_info_disc. MinIO is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. Verified against MinIO 2023-02-27T18:10:45Z
MSF/auxiliary_gather/minio_bootstrap_verify_info_disc
DESCRIPTION: Exploit Observer has 62 entries in 13 file formats related to MSF/auxiliary_gather/minio_bootstrap_verify_info_disc. MinIO is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. Verified against MinIO 2023-02-27T18:10:45Z
#ExploitObserverAlert
WLB-2024030018
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030018. DataCube3 1.0 Shell Upload.
WLB-2024030018
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030018. DataCube3 1.0 Shell Upload.
#ExploitObserverAlert
EDB-51866
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51866. TP-Link TL-WR740N - Buffer Overflow 'DOS'
EDB-51866
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51866. TP-Link TL-WR740N - Buffer Overflow 'DOS'
#ExploitObserverAlert
WLB-2024030020
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030020. Hitachi NAS SMU Backup And Restore Insecure Direct Object Reference.
WLB-2024030020
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030020. Hitachi NAS SMU Backup And Restore Insecure Direct Object Reference.
#ExploitObserverAlert
PSS-177523
DESCRIPTION: Exploit Observer has 31 entries in 9 file formats related to PSS-177523. Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read. Adobe ColdFusion versions 2018,15 and below and versions 2021,5 and below suffer from an arbitrary file read vulnerability.
PSS-177523
DESCRIPTION: Exploit Observer has 31 entries in 9 file formats related to PSS-177523. Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read. Adobe ColdFusion versions 2018,15 and below and versions 2021,5 and below suffer from an arbitrary file read vulnerability.
#ExploitObserverAlert
PSS-177524
DESCRIPTION: Exploit Observer has 23 entries in 8 file formats related to PSS-177524. Sitecore 8.2 Remote Code Execution. Sitecore version 8.2 suffers from a remote code execution vulnerability.
PSS-177524
DESCRIPTION: Exploit Observer has 23 entries in 8 file formats related to PSS-177524. Sitecore 8.2 Remote Code Execution. Sitecore version 8.2 suffers from a remote code execution vulnerability.
#ExploitObserverAlert
PD/http/cves/2023/CVE-2023-5089
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-5089. The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.
PD/http/cves/2023/CVE-2023-5089
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-5089. The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.
#ExploitObserverAlert
WLB-2024030013
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030013. MongoDB 2.0.1 / 2.1.1 / 2.1.4 / 2.1.5 Local Password Disclosure.
WLB-2024030013
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030013. MongoDB 2.0.1 / 2.1.1 / 2.1.4 / 2.1.5 Local Password Disclosure.
#ExploitObserverAlert
CVE-2023-49785
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2023-49785.
FIRST-EPSS: 0.000490000
CVE-2023-49785
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2023-49785.
FIRST-EPSS: 0.000490000
#ExploitObserverAlert
GHSA-2jx3-fx5f-r2c6
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to GHSA-2jx3-fx5f-r2c6.
GHSA-2jx3-fx5f-r2c6
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to GHSA-2jx3-fx5f-r2c6.
#ExploitObserverAlert
CVE-2024-27297
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-27297.
FIRST-EPSS: 0.000450000
CVE-2024-27297
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-27297.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
CVE-2023-36554
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-36554. A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
CVE-2023-36554
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-36554. A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
#ExploitObserverAlert
BDU:2015-10403
DESCRIPTION: Exploit Observer has 26 entries in 7 file formats related to BDU:2015-10403. Vulnerability in the Windows Embedded Standard 2009 operating system that allows an attacker to cause a denial of service. The Windows Embedded Standard 2009 operating system contains a vulnerability in the kernel mode driver rdpwd.sys, located in the C:\Windows\System32 directory, which incorrectly handles the dynamic memory allocated to it for storing array elements. By using specially crafted requests sent over the RDP protocol, the attacker can force the driver to release memory twice, which will generally result in a system crash.
BDU:2015-10403
DESCRIPTION: Exploit Observer has 26 entries in 7 file formats related to BDU:2015-10403. Vulnerability in the Windows Embedded Standard 2009 operating system that allows an attacker to cause a denial of service. The Windows Embedded Standard 2009 operating system contains a vulnerability in the kernel mode driver rdpwd.sys, located in the C:\Windows\System32 directory, which incorrectly handles the dynamic memory allocated to it for storing array elements. By using specially crafted requests sent over the RDP protocol, the attacker can force the driver to release memory twice, which will generally result in a system crash.
#ExploitObserverAlert
CVE-2023-47534
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-47534. A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.
CVE-2023-47534
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-47534. A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.
#ExploitObserverAlert
BDU:2023-07691
DESCRIPTION: Exploit Observer has 28 entries in 10 file formats related to BDU:2023-07691. Vulnerability in the functions EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2(), EVP_CipherInit_ex2() of the OpenSSL cryptographic library, allowing an attacker to cause a denial of service. The vulnerability in the functions EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2(), EVP_CipherInit_ex2() of the OpenSSL cryptographic library is related to manipulation of the keylen/ivlen argument. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
BDU:2023-07691
DESCRIPTION: Exploit Observer has 28 entries in 10 file formats related to BDU:2023-07691. Vulnerability in the functions EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2(), EVP_CipherInit_ex2() of the OpenSSL cryptographic library, allowing an attacker to cause a denial of service. The vulnerability in the functions EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2(), EVP_CipherInit_ex2() of the OpenSSL cryptographic library is related to manipulation of the keylen/ivlen argument. Exploiting the vulnerability could allow a remote attacker to cause a denial of service.
#ExploitObserverAlert
EDB-51877
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51877. Human Resource Management System 1.0 - 'employeeid' SQL Injection
EDB-51877
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51877. Human Resource Management System 1.0 - 'employeeid' SQL Injection