DEBIAN-CVE-2013-2199

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

CVE-2013-2199

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

Server side request forgery (ssrf)

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

CVE-2013-2199

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

CVE-2013-2199

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

CVE-2013-2199

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

CVE-2013-2199

The CVE-2013-2199 entry concerns WordPress HTTP API vulnerability that permits SSRF-like behavior in WordPress before 3.5.2. Connected sources specify the issue as enabling remote servers to trigger HTTP requests to internal/intranet hosts via unspecified vectors, with a similar context to CVE-20...

WordPress 3.5-3.5.1 HTTP API Unspecified Server Side Request Forgery (SSRF)

...

Nmap NSE net: couchdb-stats

Gets database statistics from a CouchDB database. For more info about the CouchDB HTTP API and the statistics, see http://wiki.apache.org/couchdb/RuntimeStatistics and http://wiki.apache.org/couchdb/HTTPdatabaseAPI. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll ...

Nmap NSE net: couchdb-databases

Gets database tables from a CouchDB database. For more info about the CouchDB HTTP API, see http://wiki.apache.org/couchdb/HTTPdatabaseAPI. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll be pipelined ie, sent in a single request. This can be set low to make...

xMatters AlarmPoint Java Web Server API 3.2.1 Cross Site Scripting

Information -------------------- Name : XSS Persistent vulnerability in xMatters AlarmPoint Java Web Server API Software : xMatters AlarmPoint Vendor Homepage : http://www.xmatters.com Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Juan Sacco Description ------------------...

couchdb-databases NSE Script

Gets database tables from a CouchDB database. For more info about the CouchDB HTTP API, see . Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent See the...

couchdb-stats NSE Script

Gets database statistics from a CouchDB database. For more info about the CouchDB HTTP API and the statistics, see and . Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline,...

[Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors

2009-019 Ganeti path sanitization errors Description: Ganeti, an open source virtualisation manager, suffers from an input validation bug that poses a security risk. The vulnerability applies to the commands submitted, either locally via gnt- commands or remotely via the HTTP API, to the machine...