
4651 matches found

OSV · added 2022/03/30 10:15 p.m. · 2 views

CVE-2021-33208

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file...

CVSS 7.2 · AI score 7.1 · EPSS 0.00941
Exploits 0 · References 2
NVD · added 2022/03/30 10:15 p.m. · 11 views

CVE-2021-33208

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file...

CVSS 7.2 · EPSS 0.00941
Exploits 0 · References 2
Cvelist · added 2022/03/30 9:52 p.m. · 16 views

CVE-2021-33208

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file...

AI score 7.1 · EPSS 0.00941
Exploits 0 · References 2
GithubExploit · added 2022/03/30 3:04 p.m. · 398 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Docker $ sudo docker build -t . $ sudo...

CVSS 7.5 · AI score 8.5 · EPSS 0.94391
Exploits 145
NVD · added 2022/03/29 1:15 p.m. · 15 views

CVE-2022-28135

Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVSS 6.5 · EPSS 0.00047
Exploits 0 · References 2
WPVulnDB · added 2022/03/29 12:00 a.m. · 39 views

LayerSlider < 7.1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a Project's slug before outputting it back in various places, which could allow high-privilege users such as admins to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Proof of Concept PoC: ======================= 1. The store...

CVSS 4.8 · AI score 4.9 · EPSS 0.00117
Exploits 4 · Affected Software 1
CNNVD · added 2022/03/29 12:00 a.m. · 10 views

Jenkins Proxmox Plugin security vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application: an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Proxmox Plugin 0.5.0 and earlier...

CVSS 6.5 · AI score 5.7 · EPSS 0.00047
Exploits 0 · References 5
wpexploit · added 2022/03/29 12:00 a.m. · 171 views

LayerSlider < 7.1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a Project's slug before outputting it back in various places, which could allow high-privilege users such as admins to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Proof of Concept PoC: ======================= 1. The stored XS...

CVSS 4.8 · AI score 4.8 · EPSS 0.00117
Exploits 4
Kitploit · added 2022/03/28 8:30 p.m. · 33 views

Fennec - Artifact Collection Tool For *Nix Systems

fennec is an artifact collection tool written in Rust, intended for use during incident response on *nix-based systems. fennec lets you write a configuration file that describes how to collect artifacts. Features: a single statically compiled binary; execute any osquery SQL query; execute system command...

AI score 7.7
Exploits 0 · References 2
Prion · added 2022/03/25 8:15 p.m. · 14 views

Remote code execution

Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API...

CVSS 7.5 · AI score 9.7 · EPSS 0.02148
Exploits 0 · References 1 · Affected Software 1
Cvelist · added 2022/03/25 7:55 p.m. · 10 views

CVE-2022-27919

Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API...

AI score 10 · EPSS 0.02148
Exploits 0 · References 1
Rapid7 Blog · added 2022/03/25 7:25 p.m. · 27 views

Metasploit Weekly Wrap-Up

Capture Plugin Capturing credentials is a critical and early phase in the playbook of many offensive security testers. Metasploit has facilitated this for years with protocol-specific modules all under the auxiliary/server/capture. Users can start and configure each of these modules individually,...

AI score 7.7
Exploits 0
CISA KEV Catalog · added 2022/03/25 12:00 a.m. · 22 views

phpMyAdmin Remote Code Execution Vulnerability

Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...

CVSS 9.8 · AI score 2.1 · EPSS 0.93271
In the wild · Exploits 16
Positive Technologies · added 2022/03/25 12:00 a.m. · 3 views

PT-2022-18690 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2022.1 Description: The issue allows remote code execution if the installation process did not specify an initial configuration file, enabling certain anonymous access to administration and an API...

CVSS 9.8 · AI score 9.9 · EPSS 0.02148
Exploits 0 · References 3
BDU FSTEC · added 2022/03/25 12:00 a.m. · 2 views

A vulnerability in the Mozilla Firefox browser, related to a race condition during signature verification, allows an attacker to perform a spoofing attack.

The vulnerability in the Mozilla Firefox browser is caused by a race condition that occurs during signature verification. Exploiting it allows an attacker to perform a spoofing attack by replacing the default configuration file with a malicious one...

CVSS 5.4 · AI score 7.2 · EPSS 0.00236
Exploits 1 · References 10 · Affected Software 4
Positive Technologies · added 2022/03/24 12:00 a.m. · 3 views

PT-2022-17758 · Ionize · Ionize

Name of the Vulnerable Software and Affected Versions: Ionize version 1.0.8.1 Description: A remote code execution issue allows attackers to execute arbitrary code via a crafted string written to the file application/config/config.php. This is achieved by exploiting a vulnerability in the softwar...

CVSS 9.8 · AI score 9.9 · EPSS 0.0303
Exploits 1 · References 5
OSV · added 2022/03/23 8:15 p.m. · 2 views

CVE-2021-27476

A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier...

CVSS 9.8 · AI score 6
Exploits 0 · References 2
CNVD · added 2022/03/17 12:00 a.m. · 19 views

Jenkins incapptic connect uploader Plugin has an unspecified vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application: an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins incapptic connect uploader Plug...

CVSS 4.3 · AI score 1.4 · EPSS 0.00031
Exploits 0 · References 1
CNVD · added 2022/03/17 12:00 a.m. · 29 views

Jenkins GitLab Authentication Plugin Information Disclosure Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application: an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. The Jenkins GitLab Authentication Plugin ...

CVSS 6.5 · AI score 0.7 · EPSS 0.00079
Exploits 0 · References 1
OSV · added 2022/03/16 12:00 a.m. · 15 views

GHSA-X75R-G63M-82WJ Passwords stored in plain text by Jenkins dbCharts Plugin

Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file hudson.plugins.dbcharts.DbChartPublisher.xml on the Jenkins controller as part of its configuration. These passwords can be viewed by users with access to the Jenkins controller...

CVSS 6.5 · AI score 6.6 · EPSS 0.00065
Exploits 0 · References 4