126 matches found
CVE-2025-27095 JumpServer has a Kubernetes Token Leak Vulnerability
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an external server...
Advanced XSS Exploitation - User Screenshot
In this paper, the author teaches advanced persistent cross site scripting techniques that can be used to take screenshots of the client's screen and send them to an external server. The paper is primarily focusing on a pentesting perspective but also discusses mitigations. Written in Brazilian...
Advanced XSS Exploitation - How to Capture Session Cookies
In this paper, the author teaches advanced cross site scripting techniques that can be used to capture user session cookies and send them to an external server. Although this paper primarily focuses on attack methodology, it also touches on cross site scripting mitigations. Written in Brazilian...
CVE-2024-8061 Denial of Service in aimhubio/aim
In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait indefinitely for a response. This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. The issue...
CVE-2024-8061 Denial of Service in aimhubio/aim
In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait indefinitely for a response. This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. The issue...
CVE-2024-31415
The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encrypti...
Stilog Visual Planning 安全漏洞
Stilog Visual Planning is software from Stilog that allows you to efficiently manage resource allocation and share schedules with employees. A security vulnerability exists in Stilog Visual Planning 8. An attacker could exploit the vulnerability to access local server files and leak data to an...
Server Side Request Forgery
langchain is vulnerable to Server-Side Request Forgery. This vulnerability exists because it does not properly filter URLs in the init function in recursiveurlloader.py, allowing an attacker to trick a server into sending HTTP requests to any domain by taking advantage of the server's capacity to...
Server side request forgery (ssrf)
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...
CVE-2023-46229
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...
Design/Logic Flaw
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...
Mars: **"CSRF Vulnerability in ███████ Website Allows Attackers to Change User Profile Picture at ███████"**
The identified vulnerability is a CSRF vulnerability that allowed an attacker to change the user's profile picture on the ███████ website. The vulnerability was successfully reproduced by creating an account, navigating to the profile picture upload section, and utilizing the provided exploit cod...
PT-2023-20112 · Xcc · Xcc
Name of the Vulnerable Software and Affected Versions: XCC affected versions not specified Description: A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain...
Concrete5 CME v9.1.3 - Xpath injection
Exploit Title: Concrete5 CME v9.1.3 - Xpath injection Author: nu11secur1ty Date: 11.28.2022 Vendor: https://www.concretecms.org/ Software: https://www.concretecms.org/download Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/concretecms.org/2022/concretecms-9.1.3...
CVE-2022-20664
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance SMA, and Cisco Email Security Appliance ESA could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access...
ALPINE-CVE-2022-29361
Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations...
CVE-2022-29361
Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations...
Apache NiFi host header poisoning issue
A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate...
GHSA-W4X6-J349-9R57 Apache NiFi host header poisoning issue
A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate...
mod_auth_openidc: open redirect due to target_link_uri parameter not validated
A open redirect flaw was found in modauthopenidc where it does not sanitize targetlinkuri paramater properly. This issue could be used by a remote attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially...