188 matches found
UBUNTU-CVE-2021-28940
Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpiedebug.php and /scripts/magpiesimple.php page that if you send a specific https url in the RS...
CVE-2021-28941
Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpiedebug.php or /scripts/magpiesimple.php page, it's possible to request any internal page if you use a https request...
CVE-2021-28941
Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpiedebug.php or /scripts/magpiesimple.php page, it's possible to request any internal page if you use a https request...
CVE-2021-28941
The CVE-2021-28941 entry concerns MagpieRSS 0.72. The issue, described across multiple sources, is a lack of validation for a curl command in extlib/Snoopy.class.inc, enabling a request to internal pages when targeting /scripts/magpie_debug.php or /scripts/magpie_simple.php via https. Connected d...
Byp4Xx - Simple Bash Script To Bypass "403 Forbidden" Messages With Well-Known Methods Discussed In #Bugbountytips
byp4xx.sh / / / // / / / / / / / // /| |// |// / // / // / // / / /./, / ./ // //|//|| /// A bash script to bypass "403 Forbidden" responses with well-known methods discussed in bugbountytips Installation: git clone https://github.com/lobuhi/byp4xx.git cd byp4xx chmod u+x byp4xx.sh Usage: Start...
HiSilicon Video Encoder Malicious Firmware Code Execution
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...
U.S. Dept Of Defense: [██████████.mil] Cisco VPN Service Path Traversal
Hi team. Summary The Cisco VPN Service at ██████.mil is vulnerable to the CVE-2020-3452 vulnerability, which allows path traversing within the web service's file system on the targeted device. Steps to Reproduce Make a GET request to: http...
The vulnerability of a node’s shell for the `curl` command, related to the failure to eliminate special elements used in operating system commands, allows a perpetrator to execute arbitrary commands.
The vulnerability of a node’s command-line interface for the curl command relates to the failure to address the special elements used in operating system commands. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary commands...
USN-4299-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy CSP...
Wing FTP Server 6.2.5 - Privilege Escalation
Wing FTP Server 6.2.5 - Privilege Escalation Exploit Title: Wing FTP Server 6.2.5 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-03 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link:...
Wing FTP Server 6.2.5 Privilege Escalation
Exploit Title: Wing FTP Server 6.2.5 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-03 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link: https://www.wftpserver.com/download/wftpserver-linux-64bit.tar.gz Version: v6.2.5 and...
Wing FTP Server 6.2.5 - Privilege Escalation
Exploit Title: Wing FTP Server 6.2.5 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-03 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link: https://www.wftpserver.com/download/wftpserver-linux-64bit.tar.gz Version: v6.2.5 and...
HackerOne Breach Leads to $20,000 Bounty Reward
HackerOne has paid out $20,000 after a high-severity vulnerability was discovered in the bug-bounty platform. The flaw allowed an outside bounty hunter to access customers’ reports and other sensitive information. Disclosed this week in a HackerOne report, the security incident stemmed from a...
Visualizer < 3.3.1 - Blind Server-Side Request Forgery (SSRF)
This plugin suffers from a blind SSRF vulnerability in the /wp-json/visualizer/v1/upload-data endpoint. curl -i -s -X $'POST' \ -H $'Host: 192.168.158.128:8000' \ --data-binary $'"url":"http://db:3306"' \ $'http://192.168.158.128:8000/wp-json/visualizer/v1/upload-data' See the references for...
Huawei HG530 Reboot / Restore Authentication Bypass
Huawei HG530 Multiple Unauthenticated reboot and restore Vulnerability =========================== The Huawei HG530 suffers from multiple Unauthenticated reboot and restore vulnerability allows local attackers to reboot the device or to restore to factory Configuration without user interaction...
PowerPanel Business Edition - Cross-Site Scripting
PowerPanel Business Edition - Cross-Site Scripting Exploit Title: PowerPanel Business Edition - Stored Cross Site Scripting SNMP trap receivers Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Version: 3.4.0 Tested on: Ubuntu 16.04 CVE...
ZoneMinder 1.32.3 - Cross-Site Scripting
Exploit Title: ZoneMinder 1.32.3 - Stored Cross Site Scripting filters Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://zoneminder.com Software Link: https://github.com/ZoneMinder/zoneminder/releases Version: 1.32.3 Tested on: Ubuntu 16.04 CVE : Pending...
ZoneMinder 1.32.3 Cross Site Scripting
Exploit Title: ZoneMinder 1.32.3 - Stored Cross Site Scripting filters Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://zoneminder.com Software Link: https://github.com/ZoneMinder/zoneminder/releases Version: 1.32.3 Tested on: Ubuntu 16.04 CVE : Pending...
UBUNTU-CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash o...
Fortify SSC 17.10 / 17.20 / 18.10 User Detail Insecure Direct Object Reference
Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-7691 CVE: CVE-2018-7691 CVSS: 6.5 Medium; AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CWE-639 Description...