3289 matches found
Shenzhen Yuanzheng Technology golo android app has information leakage vulnerability
golo APP is a social networking application that uses instant messaging as a communication platform to connect automotive repair technicians with car owners. Shenzhen Yuanzheng Technology golo Android APP has information leakage vulnerability. The attacker can view the user's sensitive informatio...
ZTE ADSL ZXV10 W300 Password Interception Vulnerability
The ZTE ADSL ZXV10 W300 is an ADSL modem Modem product from China's ZTE Corporation ZTE. A security vulnerability exists in the ZTE ADSL ZXV10 W300 W300V2.1.0fER7PEO57 version and W300V2.1.0hER7PEO57 version. A remote attacker can exploit this vulnerability to change the administrator password by...
CVE-2015-7257
ZTE ADSL ZXV10 W300 modems W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin"...
Trend Micro Hosted Email Security (HES) Interception / Insecure Direct Object Reference
Date: 24-Aug-2017 Product: Trend Micro Hosted Email Security HES Versions affected: Hosted Email Security before January 2012. Vulnerability: Two vulnerabilities were discovered. The first allowed any HES user to intercept in-transit emails through the Trend Micro Hosted Email Security cloud...
WebClientPrint Processor 2.0.15.109 TLS Validation Vulnerability
RedTeam Pentesting discovered that WebClientPrint Processor WCPP does not validate TLS certificates when initiating HTTPS connections. Thus, a man-in-the-middle attacker may intercept and/or modify HTTPS traffic in transit. This may result in a disclosure of sensitive information and the integrit...
CVE-2017-1386
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. IBM X-Force ID: 127160...
Design/Logic Flaw
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. IBM X-Force ID: 127160...
CVE-2017-1386
CVE-2017-1386 affects IBM API Connect 5.0.0.0 (and related product versions) where a user could bypass password policy and create non‑compliant passwords that might be intercepted and decrypted via man‑in‑the‑middle techniques. The IBM Security Bulletin details affected ranges: API Connect 5.0.0....
CVE-2017-1386
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. IBM X-Force ID: 127160...
CVE-2017-11743
MEDHOST Connex (CVE-2017-11743) contains a hard-coded Mirth Connect admin credential ($K8t1ng) used for customer management access. The admin password is plaintext and identical across all installations, created during Connex install, with no option for customers to change it. A remote attacker a...
CVE-2017-9491
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; Cisco DPC3939B firmware version dpc3939b-v303r204217-150321a-CMCST; Cisco DPC3941T firmware version DPC39412.5s3PRODsey; an...
CVE-2017-9491
The CVE-2017-9491 entry affects Comcast firmware on Cisco DPC3939, DPC3939B, DPC3941T, and Arris TG1682G devices. The underlying issue is that cookies used in the administration HTTPS session do not set the secure flag, enabling cookies to be captured if session traffic is intercepted in HTTP. Th...
SSH MITM - SSH Man-In-The-Middle Tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client...
WordPress: Stored xss via template injection
Hello Sir , I found Stored XSS in https://mercantile.wordpress.org/ POC is attached . Steps to reproduce: 1.Login to your account. 2. Go to https://mercantile.wordpress.org/my-account/edit-address/ & fill details , press save & intercept this request in burp suit. 3.change name to...
WakaTime: No rate limit when creating new goals [https://wakatime.com/goals]
Hi there, I was testing and found out that there's no rate limit on goals section https://wakatime.com/goals that means you can create multiple goals in a sec, which would lead to server crash since there's no limit per request that a user can make. I made at least 100 request, and still got 200 ...
CVE-2015-5378
Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server...
CVE-2015-5378
Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server...
Avaya Patches Remote Code Execution Flaw in Aura
Internet telephony company Avaya has patched a high-severity vulnerability in its Aura Application Enablement Services product that put phone call and API data running through the server at risk for interception. Researchers at Digital Defense found a vulnerability where an attacker could, withou...
U.S. Dept Of Defense: Insecure Direct Object Reference on in-scope .mil website
Summary: A web form in a .mil website doesn't implement restriction against multiple failed attempts to place an ID in order to obtain users information or cancel an ongoing process. Description: Websites https://█████████/appointment/lookup.aspx?a=f and...
Arbitrary User Registration Vulnerability in BBCBuilder E-Commerce System
BBCBuilder is a b2b2c model developed by Yuanfeng Company, which supports the e-commerce system of platform self-supporting and supplier store coexistence mode. Version 2.6.1 of the BBCBuilder e-commerce system contains an arbitrary user registration vulnerability that allows an attacker to...