Sony BRAVIA Digital Signage 1.7.8 - System API Information Disclosure

Exploit Title: Sony BRAVIA Digital Signage 1.7.8 - System API Information Disclosure Date: 20.09.2020 Exploit Author: LiquidWorm Vendor Homepage: https://pro-bravia.sony.net Version: 1.7.8 Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure Vendor: Sony Electronics Inc. Product we...

Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure

Summary Sony's BRAVIA Signage is an application to deliver video and still images to Pro BRAVIAs and manage the information via a network. Features include management of displays, power schedule management, content playlists, scheduled delivery management, content interrupt, and more. This...

Aviatrix Controller Improper Access Control Vulnerability

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An improper access control vulnerability exists in Aviatrix Controller versions prior to R6.0.2483. The vulnerability stems from the fact that multiple executables...

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...

CVE-2020-26552

An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...

Aviatrix Systems Controller 加密问题漏洞

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An improper access control vulnerability exists in Aviatrix Controller versions prior to R6.0.2483. The vulnerability stems from the fact that multiple executables...

Py3Webfuzz - A Python3 Module To Assist In Fuzzing Web Applications

Based on pywebfuzz, Py3webfuzz is a Python3 module to assist in the identification of vulnerabilities in web applications, Web Services through brute force, fuzzing and analysis. The module does this by providing common testing values, generators and other utilities that would be helpful when...

API Discovery and Profiling -- Visibility to Protection

APIs have become a dominant mechanism in the modern web, allowing organizations to create powerful web and mobile experiences, while exposing back-end data and logic to create new and innovative offerings. Protecting internet-facing APIs -- an emerging practice over the past few years -- is the...

PT-2021-11622 · Mediawiki +1 · Mediawiki +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35 Description: The issue concerns the API in the Push extension for MediaWiki, which used cleartext for ApiPush credentials. This could potentially lead to information disclosure. Recommendations: For MediaWiki...

CVE-2020-16171

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...

Server side request forgery (ssrf)

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...

CVE-2020-16171

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...

EUVD-2020-8137

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...

Command Injection in expressfs

All versions of expressfs are vulnerable to Command Injection. The package does not validate user input on several API endpoints, allowing attackers to run arbitrary commands in the system. The affected endpoints are: expressfs.appendFile, expressfs.cp, expressfs.create and expressfs.rmdir...

GHSA-MXMJ-84Q8-34R7 Command Injection in expressfs

All versions of expressfs are vulnerable to Command Injection. The package does not validate user input on several API endpoints, allowing attackers to run arbitrary commands in the system. The affected endpoints are: expressfs.appendFile, expressfs.cp, expressfs.create and expressfs.rmdir...

PT-2020-13709 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 11.0.4 Description: The issue concerns multiple stored Cross-Site Scripting XSS vulnerabilities. These could allow remote authenticated attackers to inject arbitrary web script or HTML. This can be done via several API...

PT-2020-6685 · Fuel Cms · Fuel Cms

Name of the Vulnerable Software and Affected Versions: FUEL CMS version 1.4.7 Description: The issue is related to a lack of protection in the SQL query structure, allowing for SQL injection. This can be exploited via the col parameter in API endpoints such as "/pages/items", "/permissions/items"...

HawkScan - Security Tool For Reconnaissance And Information Gathering On A Website

Security Tool for Reconnaissance and Information Gathering on a website. python 2.x & 3.x This script use "WafW00f" to detect the WAF in the first step https://github.com/EnableSecurity/wafw00f This script use "Sublist3r" to scan subdomains https://github.com/aboul3la/Sublist3r This script use...

CVE-2020-12432

The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not properly restrict delivery of JavaScript to a victim's browser, and lacks proper MIME type access control, which could lead to XSS that steals account credentials via cookies or local storage. The attacker must first obtai...