CVSS: 7.5EPSS: 95%CPEs: 1EXPL: 2CVE-2014-4872 – Numara / BMC Track-It! FileStorageService - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2014-4872
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService. BMC Track-It! 11.3.0.355 no requiere la autenticación en el puerto TCP 9010, lo que permite a atacantes remotos subir ficheros arbitrarios, ejecutar código arbitrario u obtener información sensible sobre credenciales y configuraciones a través de una solicitud .NET Remoting en (1) FileStorageService o (2) ConfigurationService. BMC Track-it! • https://www.exploit-db.com/exploits/35032 https://www.exploit-db.com/exploits/34924 http://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.html http://www.kb.cert.org/vuls/id/121036 https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txt • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 3CVE-2014-4873 – BMC Track-It! - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-4873
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data. Vulnerabilidad de inyección SQL en TrackItWeb/Grid/GetData en BMC Track-It! 11.3.0.355 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de datos POST manipulados. BMC Track-it! • https://www.exploit-db.com/exploits/34924 http://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.html http://www.kb.cert.org/vuls/id/121036 http://www.securityfocus.com/bid/70268 https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txt • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2014-2591 – BMC Patrol For AIX Insecure RPATH Use
https://notcve.org/view.php?id=CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. Vulnerabilidad de búsqueda de ruta no confiable en BMC Patrol para AIX 3.9.00 permite a usuarios locales ganar privilegios a través de una libraría manipulada, relacionado con una configuración RPATH incorrecta. It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) have been compiled in manner that means they searched for libraries in insecure locations. Version 3.9.00 of BMC Patrol for AIX is affected. • http://seclists.org/fulldisclosure/2014/Apr/199 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2591 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 4CVE-2013-4945 – BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4945
Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) TABLE_WIDGET_2, (4) browserDateTimeInfo, or (5) browserNumberInfo cookie parameter to DashBoardGUI.aspx; or the (6) UID parameter to login.aspx. Múltiples vulnerabilidades SQL en BMC Service Desk Express (SDE) 10.2.1.95, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de los parámetros (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) TABLE_WIDGET_2, (4) browserDateTimeInfo, o (5) browserNumberInfo a DashBoardGUI.aspx; o de (6) UID a login.aspx. • https://www.exploit-db.com/exploits/26806 http://archives.neohapsis.com/archives/bugtraq/2013-07/0082.html http://www.exploit-db.com/exploits/26806 http://www.securityfocus.com/bid/61147 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 4CVE-2013-4946 – BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4946
Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.aspx, the (2) CallBack parameter to QV_grid.aspx, or the (3) HelpPage parameter to commonhelp.aspx. Múltiples vulnerabilidades XSS en BMC Service Desk Express (SDE) 10.2.1.95, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través del parámetro (1) SelTab a QV_admin.aspx, el parámetro (2) CallBack a QV_grid.aspx, o (3) HelpPage a commonhelp.aspx. • https://www.exploit-db.com/exploits/26806 http://archives.neohapsis.com/archives/bugtraq/2013-07/0082.html http://www.exploit-db.com/exploits/26806 http://www.securityfocus.com/bid/61147 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •