1998 matches found
MicroFocus Secure Messaging Gateway Remote Code Execution
This module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application without input...
CVE-2018-5256
CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-tectonic.3 mounts a direct proxy to the kubernetes cluster at /api/kubernetes/ which is accessible without authentication to Tectonic and allows an attacker to directly connect to the kubernetes API server. Unauthenticated users...
CVE-2018-5256
CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-tectonic.3 mounts a direct proxy to the kubernetes cluster at /api/kubernetes/ which is accessible without authentication to Tectonic and allows an attacker to directly connect to the kubernetes API server. Unauthenticated users...
Design/Logic Flaw
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. Unauthenticated users are able to validate domain user accounts by sending a request containing the username to an API endpoint. The endpoint will return the user's logon domain if the accounts exists, or 'null' if it...
CVE-2018-7248
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. Unauthenticated users are able to validate domain user accounts by sending a request containing the username to an API endpoint. The endpoint will return the user's logon domain if the accounts exists, or 'null' if it...
CVE-2018-7248
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. Unauthenticated users are able to validate domain user accounts by sending a request containing the username to an API endpoint. The endpoint will return the user's logon domain if the accounts exists, or 'null' if it...
FreeBSD : jenkins -- multiple vulnerabilities (06ab7724-0fd7-427e-a5ce-fe436302b10c)
Jenkins developers report : The agent to master security subsystem ensures that the Jenkins master is protected from maliciously configured agents. A path traversal vulnerability allowed agents to escape whitelisted directories to read and write to files they should not be able to access. Black...
jenkins -- multiple vulnerabilities
Jenkins developers report: The agent to master security subsystem ensures that the Jenkins master is protected from maliciously configured agents. A path traversal vulnerability allowed agents to escape whitelisted directories to read and write to files they should not be able to access. Black Du...
PT-2018-9818 · Wuzhi · Wuzhi Cms
Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: A persistent XSS issue allows remote attackers to inject arbitrary web script or HTML via the tagpinyin parameter to the "/index.php?m=tags&f=index&v=add" API endpoint. Recommendations: For WUZHI CMS versi...
LocalTapiola: User Information Disclosure via Json response
User Information Disclosure via Json response on a specific api end point POC URL: https://www.lahitapiolarahoitus.fi/wp-json/wp/v2/users/ Refernce: https://wpvulndb.com/wordpresses/462 Impact attacker can user those info for advance attack as bruteforce login...
BOHEMIA INTERACTIVE a.s.: (Possible) staff account takeover via reset token bruteforce at helpdesk.bistudio.com
As stated in a brief exchange with @rvn in my other report 312433, I might have found a logic flaw in the way https://helpdesk.bistudio.com handles the reset flow and tokens. I've asked if it was possible to obtain a test account, but I fully understand that it's something that cannot be done; as...
Gitlab project service integration API endpoint information disclosure vulnerability
GitLab is a set of Ruby on Rails development of open source applications , can be realized as a self-hosted Git version control system project repository , which has similar features to Github , you can access the project's file content , commit history , bug lists , etc. GitLab Community Edition...
CVE-2017-0925
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password...
CVE-2017-0925
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password...
CVE-2017-1000388
The CVE-2017-1000388 entry concerns the Jenkins Dependency Graph Viewer plugin (version 0.12 and earlier). The root cause is missing permission checks on the API endpoint that modifies the dependency graph, allowing any user with Overall/Read permission to modify the data. This description is sup...
Open-Xchange: IDOR - setAttribute action of user object in API
Note. I selected sandbox.open-xchange.com as the asset in Hackerone but this was tested on a local installation . Hello, There appears to be a possible IDOR vulnerability in the following API endpoint for setting custom attributes:...
PT-2017-14035 · E Sic · E-Sic
Name of the Vulnerable Software and Affected Versions: E-Sic version 1.0 Description: An authentication bypass issue exists due to the acceptance of '=' or ' values for the username and password variables in the "/index" also known as "login" API endpoint. Recommendations: For E-Sic version 1.0, ...
Authorization
Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...
RubyGems: Request Hijacking Vulnerability in RubyGems 2.6.13 and earlier
We received this report via security@ from [email protected], I'm filing here for tracking and visibility purposes... "I was looking at commit 8d91516fb7037ecfb27622f605dc40245e0f8d32, which was the fix for the DNS hijacking issue CVE-2017-0902. The function still handles the DNS response in ...
opendata.gov.je XSS vulnerability
Vulnerable URL: https://opendata.gov.je/api/1/util/snippet/apiinfo.html?resourceid=a15ed8ba-93a8-4596-b6bb-945717c257bbrooturl=javascript:alert/OPENBUGBOUNTY/// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 13.12.2017 Vulnerability type:| XSS Vulnerability status:|...