CVE-2019-5176

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is...

Extended-XSS-Search - Scans For Different Types Of XSS On A List Of URLs

This is the extended version based on the initial idea already published as "xssfinder". This private version allows an attacker to perform not only GET but also POST requests. Additionally its possible to proxy every request through Burp or another tunnel. First steps Rename the...

procps: Local privilege escalation in top

If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...

CVE-2020-2126

Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system...

PT-2020-15331 · Jenkins · Jenkins Dynamic Extended Choice Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Dynamic Extended Choice Parameter Plugin versions 1.0.1 and earlier Description: The issue concerns the storage of passwords in an unencrypted manner in job config.xml files on the Jenkins master. This allows users with Extended Read...

CVE-2019-11481

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences...

CVE-2019-3700

yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger...

CVE-2019-19837

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests...

Huawei EulerOS: Security Advisory for texlive (EulerOS-SA-2019-1873)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10934

A vulnerability has been identified in TIA Portal V14 All versions, TIA Portal V15 All versions V15.1 Update 7, TIA Portal V16 All versions V16 Update 6, TIA Portal V17 All versions V17 Update 4. Changing the contents of a configuration file could allow an attacker to execute arbitrary code with...

Kubernetes: Sensitive Information disclosure Through Config File

Report Submission Form Summary: hello Team while Exploring Your Site.I found Config File Is leaked In Your Site Where Contains Sensitive Information,Credentials ETc Vulnerable URL:- https://prow.k8s.io/config Impact Attacker Is Able To Gain sensitive Information About target and Also might Get...

XSpear v1.3 - Powerfull XSS Scanning And Parameter Analysis Tool

XSpear is XSS Scanner on ruby gems Key features Pattern matching based XSS scanning Detect alert confirm prompt event on headless browser with Selenium Testing request/response for XSS protection bypass and reflectedor all params Reflected Params All paramsfor blind xss, anytings Filtered test...

CVE-2019-20222

In Support Incident Tracker SiT! 3.67, the Short Application Name and Application Name inputs in the config.php page are affected by XSS...

Support Incident Tracker Cross-Site Scripting Vulnerability (CNVD-2020-04724)

Support Incident Tracker SiT! is a PHP and MySQL based technical support phone/email tracking system. A cross-site scripting vulnerability exists in the Short Application Name and Application Name fields of the config.php page in version 3.67 of SiT! The vulnerability stems from the lack of prope...

DEBIAN-CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

FlexAir Access Control 2.3.35 - Authentication Bypass

Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 2.3.35 Tested on: NA...

FileOptimizer 14.00.2524 - Denial of Service Exploit

Exploit Title: FileOptimizer 14.00.2524 - Denial of Service PoC Exploit Author: Chase Hatch SYANiDE Vendor Homepage: https://sourceforge.net/projects/nikkhokkho/ Software Link: https://sourceforge.net/projects/nikkhokkho/files/FileOptimizer/14.00.2524/FileOptimizerSetup.exe/download Version:...

PT-2019-11854 · Jenkins · Jenkins Bitbucket Oauth Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket OAuth Plugin versions 0.9 and earlier Jenkins Bitbucket OAuth Plugin prior to 0.10 Description: The issue concerns the storage of credentials in an unencrypted manner in the global config.xml configuration file on the Jenkin...

PT-2019-11861 · Jenkins · Jenkins Sonar Gerrit Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Sonar Gerrit Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users who have...

Design/Logic Flaw

Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...