16601 matches found
CVE-2024-35306 OS Command injection in Ajax PHP files through HTTP Request
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through 777...
CVE-2024-35306 OS Command injection in Ajax PHP files through HTTP Request
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through 777...
CVE-2024-35306
CVE-2024-35306 describes an OS command injection in Pandora FMS’ Ajax PHP files via HTTP requests, affecting Pandora FMS versions 700–776 (up to but not including 777). Root cause is insufficient sanitization of input variables, enabling an attacker to execute system commands. Impact is potential...
CVE-2024-35305
CVE-2024-35305 concerns an unauthenticated Time-Based SQL Injection in Pandora FMS API exploitable via the HTTP Authorization header. Affected versions are 700 to 776; exploitation can leak or access sensitive data, with high impact to confidentiality, integrity, and availability as reflected in ...
CVE-2024-35305 Unauth Time-Based SQL Injection via API
Unauth Time-Based SQL Injection in API allows to exploit HTTP request Authorization header. This issue affects Pandora FMS: from 700 through 777...
Exploit for OS Command Injection in Php
PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...
PT-2024-35360
Name of the Vulnerable Software and Affected Versions: GNOME libsoup versions prior to 3.6.0 Description: The issue allows HTTP request smuggling in some configurations because '0' characters at the end of header names are ignored. For example, a "Transfer-Encoding0: chunked" header is treated th...
GHSA-FQ4P-86HH-42V9 Zend-Diactoros URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
Zend-Feed URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
Zend-HTTP URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
Exploit for OS Command Injection in Php
CVE-2024-4577, Argument Injection in PHP-CGI ./CVE-2024-45...
Security Bulletin: IBM Maximo Application Suite uses gunicorn-21.2.0-py3-none-any.whl which is vulnerable to CVE-2024-1135.
Summary IBM Maximo Application Suite uses gunicorn-21.2.0-py3-none-any.whl which is vulnerable to CVE-2024-1135. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP request smuggling,...
Tornado has a CRLF injection in CurlAsyncHTTPClient headers
Summary Tornado’s curlhttpclient.CurlAsyncHTTPClient class is vulnerable to CRLF carriage return/line feed injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return \r or line feed \n characters in the request headers...
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
Summary When Tornado receives a request with two Transfer-Encoding: chunked headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. Pound does this. PoC 0. Install Tornado. 1. Start a simple Tornado server that echoes...
GHSA-753J-MPMX-QQ6G Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
Summary When Tornado receives a request with two Transfer-Encoding: chunked headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. Pound does this. PoC 0. Install Tornado. 1. Start a simple Tornado server that echoes...
GHSA-973G-55HP-3FRW Server-Side Request Forgery in gradio
A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is us...
Server-Side Request Forgery in gradio
A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is us...
CVE-2024-4325
A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP...
CVE-2024-4325 Server-Side Request Forgery (SSRF) in gradio-app/gradio
A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP...
CVE-2024-4325 Server-Side Request Forgery (SSRF) in gradio-app/gradio
A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP...