1414 matches found
VMware Workstation - ALSA Config File Local Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in VMware Workstation Pro and Player on Linux which allows users to escalate their privileges by using an ALSA configuration file to load and execute a shared object as root when launching a virtual machine with an attached sound card. This Metasplo...
Design/Logic Flaw
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVIUSERID and AVIUSERPASSWORD fields via a direct request...
Code execution vulnerability in OpenSNS backend AuthorizeController.class.php page
OpenSNS is a lightweight social user center framework based on OneThink. The system upholds a minimalist design style and focuses on communication. A code execution vulnerability exists in the AuthorizeController.class.php page in the OpenSNS backend. Allow attackers to exploit the vulnerability ...
Cisco Smart Install Detection
Binary data ciscosmartinstalldetect.nbin...
Confire config.py File Arbitrary Command Execution Vulnerability
Confire is a set of application configuration tools built on Scapy, Django and other configuration parsers. A security vulnerability in the YAML parsing function of the config.py file in Confire version 0.2.0 stems from the program using the 'yaml.load' function to load user-specific configuratio...
Telnet IoT Honeypot - Python Telnet Honeypot For Catching Botnet Binaries
This project implements a python telnet server trying to act as a honeypot for IoT Malware which spreads over horribly insecure default passwords on telnet servers on the internet. Other than https://github.com/stamparm/hontel or https://github.com/micheloosterhof/cowrie examples, which provides...
Magento Config File Disclosure Vulnerability
Magento installed on other web servers than Apache may leak the config file. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
GHSA-9QJ7-JVG4-QR2X Phusion Passenger Denial of Service
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...
CVE-2017-1000104
The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now requires sufficient...
CVE-2017-1000104
The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now requires sufficient...
Design/Logic Flaw
The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now requires sufficient...
CVE-2017-1000104
The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now requires sufficient...
CVE-2017-1000104
CVE-2017-1000104 concerns the Jenkins Config File Provider Plugin, which manages configuration files that may include secrets. The issue arises from insufficient access control: users with only Overall/Read access could view URLs to configuration files, until permissions were tightened to require...
CVE-2017-14942
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie...
PT-2017-13767 · Intelbras · Intelbras Wrn 150
Name of the Vulnerable Software and Affected Versions: Intelbras WRN 150 devices affected versions not specified Description: The issue allows remote attackers to read the configuration file and bypass authentication by making a direct request for "cgi-bin/DownloadCfg/RouterCfm.cfg" with an...
Roteador Wireless Intelbras WRN150 - Autentication Bypass Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN 150 Date: 28/09/2017 Exploit Author: Elber Tavares Vendor Homepage: http://intelbras.com.br/ Version: Intelbras Wireless N 150 Mbps - WRN 150 Tested on: kali linux,...
Roteador Wireless Intelbras WRN150 - Autentication Bypass
Roteador Wireless Intelbras WRN150 - Autentication Bypass Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN 150 Date: 28/09/2017 Exploit Author: Elber Tavares Vendor Homepage: http://intelbras.com.br/ Version: Intelbras Wireless N 150 Mbps - WRN 150 Tested on: kali linux,...
PT-2019-7914 · Bittorrent +1 · Qbittorrent +1
Name of the Vulnerable Software and Affected Versions: qBittorrent version 3.3.15 Description: The issue concerns the UI Lock feature, which can be bypassed by tampering with the config file. An attacker can gain unauthorized access to qBittorrent functions by modifying the locked attribute withi...
CVE-2017-13778
Fiyo CMS 2.0.7 has XSS in dapur\apps\appconfig\sysconfig.php via the sitename parameter...
IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution', 'Description' = %q This module exploits an unauthenticated remote PHP code execution...