CVE-2021-41078

Nameko through 2.13.0 can be tricked into performing arbitrary code execution when deserializing the config file...

GHSA-6P52-JR3Q-C94G Nameko Arbitrary code execution due to YAML deserialization

Impact Nameko can be tricked to perform arbitrary code execution when deserialising a YAML config file. Example: yaml malicious.yaml !!python/object/new:type args: 'z', !!python/tuple , 'extend': !!python/name:exec listitems: "import'os'.system'cat /etc/passwd'" shell $ nameko run --config...

Bopscrk - Tool To Generate Smart And Powerful Wordlists

bopscrk B efore O utset P aS sword CR acK ing is a tool to generate smart and powerful wordlists for targeted attacks. Included in BlackArch Linux pentesting distribution and Rawsec'sCybersecurity Inventory since August 2019. Targeted-attack wordlist creator : introduce personal info related to...

PT-2021-14842 · Saltstack +1 · Saltstack Salt +1

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3003.3 Description: An issue was discovered that allows a malicious actor to subvert the proper behavior of the minion software. This occurs when the salt minion installer accepts and uses a minion config file...

CVE-2021-39503

PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without ", ?, =, ,...." In WriteConfig function, an attacker can inject php code to /include/config.cache.php file...

CVE-2021-39503

PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without ", ?, =, ,...." In WriteConfig function, an attacker can inject php code to /include/config.cache.php file...

Improper access control

An improper access control vulnerability CWE-284 in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL...

Moxa Command Injection / Cross Site Scripting / Vulnerable Software

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number:...

PT-2021-14724 · Jenkins · Jenkins Nomad Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Nomad Plugin versions 0.7.4 and earlier Description: The issue allows Docker passwords to be stored unencrypted in the global config.xml file on the Jenkins controller. These passwords can be viewed by users with access to the Jenkins...

Jenkins 安全漏洞

CloudBees Jenkins Hudson Labs is a Java-based continuous integration tool developed by CloudBees, Inc. An information disclosure vulnerability exists in CloudBees Jenkins Nomad Plugin 0.7.4 and prior versions. The vulnerability is caused by the program storing unencrypted Docker passwords in the...

CVE-2020-18127

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files...

Indexhibit 路径遍历漏洞

Indexhibit is a web-based content management system. An improper access control vulnerability exists in the /config/config.php component of Indexhibit version 2.1.5. An attacker could exploit this vulnerability to view arbitrary files...

Github Simiki 命令注入漏洞

Github Simiki is a simple wiki framework written in Python. Github Simiki suffers from a command injection vulnerability that stems from a command injection vulnerability in Simiki v1.6.2.1 and earlier versions. The vulnerability allows remote attackers to execute arbitrary system commands via li...

Wsh - Web Shell Generator And Command Line Interface

wsh pronounced woosh is a web shell generator and command line interface. This started off as just an http client since interacting with webshells is a pain. There's a form, to send a command you have to type in an input box and press a button. I wanted something that fits into my workflow better...

Sql injection

A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...

rConfig SQL注入漏洞

rConfig is an open source network device configuration management utility. rConfig version 3.9.5 contains a SQL injection vulnerability in config.inc.php, which can be exploited by sending a specially crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php to access sensitive database...

CVE-2021-21644

A cross-site request forgery CSRF vulnerability was found in the config-file-provider Jenkins plugin. The plugin does not require POST requests for an HTTP endpoint which allows attackers to delete configuration files corresponding to an attacker-specified ID...

WordPress plugin Download Manager 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in th...

Cisco Packet Tracer代码问题漏洞

Cisco Packet Tracer is a cross-platform visual emulation tool that allows users to create network topologies and emulate computer networks. The vulnerability can be exploited to execute arbitrary code on the affected system with the privileges of another user account by inserting a configuration...

NSClient++ 0.5.2.35 - Privilege escalation

This module allows an attacker with an unprivileged windows account to gain admin access on windows system and start a shell. For this module to work, both the NSClient++ web interface and ExternalScripts features must be enabled. You must also know where the NSClient config file is, as it is use...