
CVE
added 2018/12/28 2:00 p.m., 40 views

CVE-2018-1000628

The CVE-2018-1000628 entry concerns Battelle V2I Hub 2.5.1, where a security-restriction bypass is caused by comparing an API key against a user-supplied value via PHP’s $_GET using strcmp. By appending [] to the key parameter in API function URLs, an attacker could bypass checks and execute API ...

CVSS 9.8 | AI score 9.4 | EPSS 0.00457
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2018/12/28 2:00 p.m., 9 views

CVE-2018-1000626

Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass security restrictions, caused by the lack of requirement to change the default API key. An attacker could exploit this vulnerability using all available API functions containing an unchanged API key to gain unauthorized access to the...

AI score 9.6 | EPSS 0.00545
Exploits 0 | References 1
CVE
added 2018/12/28 2:00 p.m., 43 views

CVE-2018-1000627

Battelle V2I Hub 2.5.1 exposes an API key due to failure to restrict access to the API key file, enabling remote attackers to obtain the current API key and gain unauthorized access. This information disclosure vulnerability is described across CVE-2018-1000627 sources (NVD/CNVD) with consistent ...

CVSS 9.8 | AI score 9.2 | EPSS 0.00421
Exploits 0 | References 1 | Affected Software 1
Kitploit
added 2018/11/29 8:22 p.m., 123 views

Kamerka - Build Interactive Map Of Cameras From Shodan

Build an interactive map of cameras from Shodan. The script creates a map of Shodan cameras based on your address or coordinates. https://medium.com/@wojciech/%EA%93%98amerka-build-interactive-map-of-cameras-from-shodan-a0267849ec0a Requirements: Shodan, Geopy, Foilum, Colorama. pip install -r...

AI score 7.3
Exploits 0 | References 2
Gitee
added 2018/11/29 5:24 p.m., 6 views

Exploit for CVE-2013-6026

PoC exploit for CVE-2013-6026, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link. The target product/service is D-Link routers, and the vulnerability class/vector is auth bypass. The probable entry point is the Shodan search engine,...

CVSS 10 | AI score 7 | EPSS 0.11409
Exploits 4
OpenVAS
added 2018/11/15 12:00 a.m., 96 views

Nagios XI < 5.5.7 Multiple Vulnerabilities

Nagios XI is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:nagios:nagiosxi"; if description...

CVSS 9.8 | AI score 7.9 | EPSS 0.91344
Exploits 15 | References 2
NVD
added 2018/11/14 6:29 p.m., 14 views

CVE-2018-15711

Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges...

CVSS 8.8 | AI score 8.5 | EPSS 0.26613
Exploits 1 | References 1
Prion
added 2018/11/14 6:29 p.m., 14 views

Code injection

Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges...

CVSS 6.5 | AI score 8.4 | EPSS 0.26613
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2018/11/14 6:00 p.m., 14 views

CVE-2018-15711

Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges...

AI score 8.9 | EPSS 0.26613
Exploits 1 | References 1
CVE
added 2018/11/14 6:00 p.m., 51 views

CVE-2018-15711

Nagios XI 5.5.6 contains a privilege-escalation flaw in the API key management. A remote, authenticated attacker can reset and regenerate the API key of a higher-privileged user, then use the new key to perform API calls with elevated privileges. This is described consistently across multiple sou...

CVSS 8.8 | AI score 8.4 | EPSS 0.26613
Exploits 1 | References 1 | Affected Software 1
Kitploit
added 2018/10/02 12:23 p.m., 351 views

Gurp - Golang command-line interface to Burp Suite's REST API

Requirements: BurpSuite Professional v2.0.0beta or greater from PortSwigger. Dependencies: go get -u -v github.com/fatih/color; go get -u -v github.com/integrii/flaggy; go get -u -v github.com/tidwall/gjson; go get -u -v github.com/grokify/html-strip-tags-go. Binaries: Latest version available here...

AI score 8.1
Exploits 0 | References 2
Cvelist
added 2018/09/21 3:00 a.m., 11 views

CVE-2018-17283

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL...

AI score 8 | EPSS 0.08249
Exploits 1 | References 2
Hacker One
added 2018/08/20 12:14 a.m., 59 views

Shopify: Unauthenticated access to Zendesk tickets through athena-flex-production.shopifycloud.com Okta bypass

Summary: athena-flex-production.shopifycloud.com seems to be an internal system that Shopify uses, because it redirects users to an Okta login. During this, however, I noticed that it first returns 200 and then does a redirect, meaning some part of the website loads before redirecting. With this, I was...

AI score 6.9
Exploits 0
CNVD
added 2018/08/20 12:00 a.m., 1 view

Pimcore SQL Injection Vulnerability

Pimcore is an open-source web content management platform from the Austrian company Pimcore for creating and managing web applications. The platform integrates web content management, an e-commerce framework and product information management applications. A SQL injection vulnerability exists in the RES...

CVSS 6.5 | AI score 7 | EPSS 0.01507
Exploits 7 | References 1
Openbugbounty
added 2018/08/19 3:49 a.m., 11 views

yougapi.com XSS vulnerability

Open Bug Bounty ID: OBB-666386. Affected Website: yougapi.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Exploit DB
added 2018/08/16 12:00 a.m., 70 views

Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery

SEC Consult Vulnerability Lab Security Advisory. Title: SQL Injection, XSS & CSRF vulnerabilities. Product: Pimcore. Vulnerable version: 5.2.3 and below. Fixed version: 5.3.0. CVE number: CVE-2018-14057, CVE-2018-14058,...

CVSS 8.8 | AI score 6.4 | EPSS 0.01507
Exploits 9
CNVD
added 2018/08/08 12:00 a.m., 1 view

CloudBees Jenkins Tinfoil Security Plugin Information Disclosure Vulnerability

CloudBees Jenkins is a Java-based set of continuous integration tools from the US company CloudBees; it is mainly used to monitor continuous software release/testing projects and the execution of scheduled tasks. The Tinfoil Security Plugin is used in o...

CVSS 5.5 | AI score 5.2 | EPSS 0.00015
Exploits 0 | References 1
OSV
added 2018/08/01 1:29 p.m., 1 view

CVE-2018-1999031

An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin's configuration...

CVSS 6.5 | AI score 5.8
Exploits 0 | References 1
NVD
added 2018/08/01 1:29 p.m., 6 views

CVE-2018-1999031

An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin's configuration...

CVSS 6.5 | AI score 6.2 | EPSS 0.00069
Exploits 0 | References 1
Cvelist
added 2018/08/01 1:00 p.m., 11 views

CVE-2018-1999041

An exposure of sensitive information vulnerability exists in Jenkins Tinfoil Security Plugin 1.6.1 and earlier in TinfoilScanRecorder.java that allows attackers with file system access to the Jenkins master to obtain the API secret key stored in this plugin's configuration...

AI score 5.2 | EPSS 0.00015
Exploits 0 | References 1