8768 matches found
EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1828)
According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This functi...
Embedthis Software GoAhead Request Replay Attack Vulnerability
Embedthis Software GoAhead is an embedded Web server from Embedthis Software, USA. A request replay attack vulnerability exists in Embedthis Software GoAhead versions prior to 5.1.2, which stems from GoAhead's failure to properly handle nonce values during Digest authentication, and can be...
Security & Malware scan by CleanTalk < 2.51 - Security Nonce Leak leading to Unauthorised AJAX call
Security nonce leak, allowing any authenticated users such as subscribers to make unauthorised AJAX call which could lead to arbitrary file deletion/download and function call. Note WPScanTeam: We do not consider the issue fully remediated, as the AJAX calls rely on CSRF check for authorisation,...
cryptacular: excessive memory allocation during a decode operation
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...
GHSA-X64G-4XX9-FH6X Denial of Service in Cryptacular
CiphertextHeader.java in Cryptacular before 1.2.4, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...
Denial of Service in Cryptacular
CiphertextHeader.java in Cryptacular before 1.2.4, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...
WordPress Drag And Drop Multi File Uploader Remote Code Execution Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Drag and Drop Multi File Uploader RCE', 'Description' = %q This module exploits a...
WordPress Drag And Drop Multi File Uploader Remote Code Execution
This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form 7 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Drag and Drop Multi File...
WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation
Exploit Title: Wordpress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation Date: 2020-05-29 Exploit Author: Raphael Karger Software Link: https://codex.bbpress.org/releases/ Version: BBPress 2.5 CVE: CVE-2020-13693 import argparse import requests import bs4 import urllib3...
WordPress BBPress 2.5 Privilege Escalation
Exploit Title: Wordpress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation Date: 2020-05-29 Exploit Author: Raphael Karger Software Link: https://codex.bbpress.org/releases/ Version: BBPress 2.5 CVE: CVE-2020-13693 import argparse import requests import bs4 import urllib3...
CVE-2020-13643
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The liveeditorpanelsdata $POST variable allows for malicious JavaScript to be...
CVE-2020-13643
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The liveeditorpanelsdata $POST variable allows for malicious JavaScript to be...
CVE-2020-13642
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The actionbuildercontent function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panelsdata $POST variable allows for malicious JavaScript to be...
CVE-2020-13641
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The faroptionspage function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript,...
CVE-2020-13641
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The faroptionspage function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript,...
Input validation
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The actionbuildercontent function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panelsdata $POST variable allows for malicious JavaScript to be...
Input validation
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The liveeditorpanelsdata $POST variable allows for malicious JavaScript to be...
CVE-2020-13642
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The actionbuildercontent function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panelsdata $POST variable allows for malicious JavaScript to be...
CVE-2020-13643
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The liveeditorpanelsdata $POST variable allows for malicious JavaScript to be...
CVE-2020-13641
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The faroptionspage function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript,...