A successful attack can lead to SQL injection. This signature detects attempts to exploit a known vulnerability against WiKID 2FA Enterprise Server. HTTP:SQL:INJ:WIKID-SERVER-SQLI - HTTP: WiKID 2FA Enterprise Server searchDevices.jsp SQL Injection Severity: MEDIUM Description: A malicious Web site can exploit a known vulnerability in Microsoft Internet Explorer and create a denial of service to the client browser. This signature detects Web pages containing dangerous ActiveX object. HTTP:STC:IE:IE-ACTIVEX-DRCTANIM - HTTP: Internet Explorer ActiveX DirectAnimation Severity: LOW Description: A successful attack can result in a denial-of-service condition. This signature detects attempts to exploit a known vulnerability against Apache Traffic Server. HTTP2:APACHE-SETTING-DNS - HTTP2: Apache Traffic Server HTTP2 Settings Flood Denial of Service Severity: HIGH Description: A successful attack can lead to arbitrary code execution. This signature detects attempts to exploit a known vulnerability against HPE Intelligent Management Center. HTTP:CTS:HPE-BYTE-MSG-RCE - HTTP: HPE Intelligent Management Center ByteMessageResource Insecure Deserialization Remote Code Execution Severity: CRITICAL Description: This signature detects attempts to exploit a known vulnerability against Apache Solr. HTTP:APACHE:SOLR-DATIMPORT-RCE - HTTP: Apache Solr DataImportHandler Remote Code Execution Severity: CRITICAL Description: Attackers can steal cookie-based authentication credentials and launch other attacks. It is due to insufficient validation of user-supplied input. This signature detects attempts to exploit a known cross-site scripting vulnerability against OpenEMR. HTTP:CTS:OPEN-EMR-XSS - HTTP: OpenEMR C-Document Cross-Site Scripting Severity: MEDIUM Description: HTTP: Internet Explorer ActiveX DirectAnimationÄetails of the signatures included within this bulletin: HTTP: Netgear ProSAFE NMS300 fileUpload.do Arbitrary File Upload HTTP: Pulse Secure Platform Stack-Based Buffer Overflow HTTP: Java Script Unescape Hex Encoded Remote Code Execution HTTP: Apache Tomcat CVE-2019-0232 Command Injection HTTP: Cisco IOS XE WebUI Privileged Command Injection HTTP: WiKID 2FA Enterprise Server searchDevices.jsp SQL Injection HTTP2: Apache Traffic Server HTTP2 Settings Flood Denial of Service HTTP: HPE Intelligent Management Center ByteMessageResource Insecure Deserialization Remote Code Execution HTTP: Apache Solr DataImportHandler Remote Code Execution HTTP: OpenEMR C-Document Cross-Site Scripting
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |