2 matches found
GHSA-H5GX-45RJ-2H5J Kerberos Hub private key (X-Kerberos-Hub-PrivateKey) leaked to cross-host redirect target due to redirect-following HTTP client without CheckRedirect
Summary The Kerberos Hub upload path sends the agent's Hub credentials in the custom X-Kerberos-Hub-PrivateKey and X-Kerberos-Hub-PublicKey request headers to the operator-configured Hub URL config.HubURI. The HTTP client used &http.Client in UploadKerberosHub is constructed without a CheckRedire...
NotFTP 1.3.1 (newlang) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ========================================================= NotFTP 1.3.1 newlang Local File Inclusion Vulnerability ========================================================= NotFTP 1.3.1 = Local file include...