49 matches found
CVE-2017-13718
The CVE-2017-13718 entry concerns Starry Station (Starry Router) and its HTTP API, where an attacker can brute-force the user PIN to alter Wi‑Fi settings, PINs, port forwards, and expose internal ports via the Internet. The root cause appears to be an API surface (rodman Python module) that allow...
MDwiki Cross Site Scripting
I originally thought this was only a problem with Tencent's site implementation, but the black brother reminded me to look at the GitHub address in the source code, and only then did I find the open source MDwiki universal system. MDwiki is a wiki/CMS system built entirely on HTML5/Javascript technology and runs...
Brave Software: Local files reading using `link[rel="import"]`
Summary: HTML file could import another file using `link[rel="import"]`. Brave returns Access-Control-Allow-Origin: response header for local HTML files. That leads to local files reading. This vulnerability makes 369218 critical. Products affected: Brave: 0.23.19 V8: 6.7.288.46 rev:...
What you didn’t know about OWASP Top-10 2017? Part 3/3
This is the last part of my trilogy about OWASP Top-10 2017 risks. The two previous parts, one and two, described the A1-A6 risks, and this time I’d like not just to explain the A7-A10 risks but also to draw an intersection (overlap) Venn diagram of them. I hope this diagram will clarify why the questions about...
Aspen: Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources (e.g. fonts) on a web page to be requested from another domain outside the domain from which the resource originated. The Access-Control-Allow-Origin header indicates whether a resource can be shared based by returni...
CVE-2017-8793
An issue was discovered on Accellion FTA devices before FTA912180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site...
Insecure 'Access-Control-Allow-Origin' Header
Cross Origin Resource Sharing (CORS) is an HTML5 technology which gives modern web browsers the ability to bypass restrictions implemented by the Same Origin Policy. The Same Origin Policy requires that both the JavaScript and the page are loaded from the same domain in order to allow JavaScript to...
MDwiki <= v0.6.2 DomXSS Vulnerability
I originally thought this was just a problem with one Tencent site's implementation; later the Black brother reminded me to look at the GitHub address in the source code, only to find that it is the open source MDwiki general system. (MDwiki is built completely using HTML5/Javascript technology, runs completely on the...
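eYou mail system: stored XSS in the email body, part 2 (with proof of the eYou XSS impact)
Brief description: Something new, affects Chrome. While testing this XSS I found a very serious HttpOnly cookie leak, which allows the email-body XSS to obtain all of the user's cookies and log in. Detailed description: Something new, affects Chrome. While testing this XSS I found a very serious HttpOnly cookie leak, which allows the email-body XSS to obtain all of the user's cookies and log in. A PoC is included. (There are some reports on wooyun about eYou email-body XSS, and your responses were all "a solution already exists" or "known issue, thanks for the report". However, I tested the mail systems of several universities and none of them had been fixed; it feels like you are kidding me.....) Proof of vulnerability:...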