SAP Unauthenticated WebService User Creation

This module leverages an unauthenticated web service to submit a job which will create a user with a specified role. The job involves running a wizard. After the necessary action is taken, the job is ...

U.S. Dept Of Defense: SharePoint Web Services Exposed to Anonymous Access

Summary: Any unauthenticated/anonymous users are able to access the SharePoint Web Services (.wsdl files) for the ?????????? website. Description: The SharePoint installation for this particular site ...

Kentico CMS 12.0.14 Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service S ...

Kentico CMS 12.0.14 Remote Command Execution

Improper Restriction of XML External Entity Reference in soa-model

Soa-model is a toolkit and Java API for WSDL, WADL and XML Schema. An XML External Entity (XXE) vulnerability exists in versions of soa-model prior to 1.6.4 in the WSDLParser function. This issue has ...

CVE-2021-3690

Buffer leak on incoming websocket PONG message may lead to DoS

Prowise Reflect v1.0.9 – Remote Keystroke Injection

Prowise Reflect 1.0.9 Remote Keystroke Injection
