Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2014-4874

Published: 10/10/2014 Updated: 02/08/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Subscribe to Bmc

Vulnerability Summary

BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

bmc track-it\\! 11.3.0.355

Exploits

Exploit DB: BMC Track-It! - Multiple Vulnerabilities
>> Multiple critical vulnerabilities in BMC Track-It! >> Discovered by Pedro Ribeiro (pedrib@gmailcom), Agile Information Security ================================================================================= The application exposes several NET remoting services on port 9010 NET remoting is a RMI technology similar to Java RMI ...
Exploit DB: BMC Track-it! Remote Code Execution / SQL Injection
BMC Track-it! suffers from code execution, arbitrary file download, and remote SQL injection vulnerabilities ...

References

CWE-200http://www.kb.cert.org/vuls/id/121036https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txthttp://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.htmlhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/34924/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook