CVE-2014-2914

CVE-2014-2914 affects fish-shell up to version 2.0.0; versions before 2.1.1 do not restrict access to the configuration service (fish_config), enabling remote code execution via unspecified vectors (demonstrated by set_prompt). The NVD entry lists a CVSS‑3.1 base score of 9.8 (CRITICAL) and CVSS‑...

Login Bypass Vulnerability in Flying Fish Star Enterprise Intelligent Wireless Internet Behavior Management System

Chengdu Flying Fish Star Technology Co., Ltd. is a value-added service that serves enterprise, business and home users with intelligent and easy-to-use network communication management devices and innovative technologies. A login bypass vulnerability exists in the Flyingfish Star Enterprise...

MFScripts YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A cross-site scripting vulnerability exists in the getallfileserverpaths.ajax.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. The vulnerability stems from a lack of proper validation of...

Unspecified Vulnerability in Mellow Fish YetiShare

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in the accountforgotpassword.ajax.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. An attacker can exploit the vulnerability to enumerate user accounts by guessi...

Mellow Fish YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the HttpOnly flag on session cookies. An attacker can exploit the vulnerability ...

Mellow Fish YetiShare Cross-Site Request Forgery Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the SameSite flag on session cookies. An attacker can exploit this vulnerability...

OPENSUSE-SU-2019:2177-1 Security update for fish3

This update supplies the 'fish3' package, complementary to the 'fish' package...

Arbitrary File Deletion Vulnerability in Fish Leap CMS

Fish CMS is a content management system developed by the official Catfish CMS specifically for enterprise applications. There is an arbitrary file deletion vulnerability in FishCenter CMS, which can be exploited by an attacker to delete arbitrary files...

XSS Vulnerability in Fish Leap CMS Frontend at Comments

Fish CMS is a content management system developed by the official Catfish CMS specifically for enterprise applications. An XSS vulnerability exists in the front-end comments of FishCenter CMS, which can be exploited by an attacker to obtain an administrator cookie...

XSS Vulnerability in FishLeap CMS Frontend Comments List

Fish CMS is a content management system developed by the official Catfish CMS specifically for enterprise applications. An XSS vulnerability exists in the front-end comment list of FishCare CMS, which can be exploited by an attacker to obtain an administrator cookie...

Using the L.U.R.E. Method to Swim Free of Phishing Attacks

baitfish noun bait·​fish | \ˈbāt-ˌfish \ Definition of baitfish : a small fish such as a golden shiner or menhaden that attracts and is a food source for a larger game fish also : a fish used for bait Think about being in a school of fish for a second. Schools behave the way they do for a reason...

BlackEye - The Most Complete Phishing Tool, With 32 Templates +1 Customizable

BLACKEYE is an upgrade from original ShellPhish Tool https://github.com/thelinuxchoice/shellphish by thelinuxchoice under GNU LICENSE. It is the most complete Phishing Tool, with 32 templates +1 customizable. WARNING: IT ONLY WORKS ON LAN! This tool was made for educational purposes! Phishing Pag...

Hackers attack Casino’s fish tank thermometer to obtain sensitive data

By Waqas The Internet of Things IoT has transformed the way we This is a post from HackRead.com Read the original post: Hackers attack Casino’s fish tank thermometer to obtain sensitive data...

Casino Gets Hacked Through Its Internet-Connected Fish Tank Thermometer

Internet-connected technology, also known as the Internet of Things IoT, is now part of daily life, with smart assistants like Siri and Alexa to cars, watches, toasters, fridges, thermostats, lights, and the list goes on and on. But of much greater concern, enterprises are unable to secure each a...

DEBIAN-CVE-2014-3219

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...

CVE-2014-3219

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...

CVE-2014-3219

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...

Code injection

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...

CVE-2014-3219

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...

CVE-2014-3219

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...