Lucene search
PRIOn knowledge basePRION:CVE-2016-0710HistoryApr 11, 2016 - 2:59 p.m.
Sql injection
2016-04-1114:59:00
PRIOn knowledge base
www.prio-n.com
6
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.
References
haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and
packetstormsecurity.com/files/136489/Apache-Jetspeed-Arbitrary-File-Upload.html
www.rapid7.com/db/modules/exploit/multi/http/apache_jetspeed_file_upload
mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3C046318A1-226E-453F-9394-B84F1A33E6A4%40bluesunrise.com%3E
portals.apache.org/jetspeed-2/security-reports.html
www.exploit-db.com/exploits/39643/
Related
nessus
nessus
Apache Jetspeed User Manager Service SQLi
2016-03-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Jetspeed SQL Injection (CVE-2016-0710)
2016-04-18 00:00:00
cvelist
cvelist
CVE-2016-0710
2016-04-11 14:00:00
seebug
seebug
Apache Jetspeed 目录穿越漏洞
2016-03-07 00:00:00
cve
cve
CVE-2016-0710
2016-04-11 14:59:03
nvd
nvd
CVE-2016-0710
2016-04-11 14:59:03
packetstorm
packetstorm
Apache Jetspeed Arbitrary File Upload
2016-03-31 00:00:00
metasploit
metasploit
Apache Jetspeed Arbitrary File Upload
2016-03-24 00:22:32
zdt
zdt
Apache Jetspeed - Arbitrary File Upload (Metasploit)
2016-03-31 00:00:00
exploitdb
exploitdb
Apache Jetspeed - Arbitrary File Upload (Metasploit)
2016-03-31 00:00:00
ibm
ibm
openvas
openvas
Apache Jetspeed Multiple Vulnerabilities (Mar 2016)
2016-04-01 00:00:00