177 matches found
in cortezaproject/corteza-server
Set up the cortezaproject on your local machine. Steps: 1. Create the account on corteza 2. Log in using the same credentials from Chrome and Firefox. 3. Change user password from Chrome. 4. Perform any activity in Firefox; the session is still valid. Mitigation: After changing...
Server-Side Request Forgery (SSRF) in erudika/scoold
✍️ Description Possible SSRF in scoold in user profile picture from URL 🕵️ Proof of Concept Steps to reproduce: 1. Create an account and click on the image. 2. Now open the local server or enter any IP:port ex: http://127.0.0.1:8082 3. Now enter the URL and then view the image, you will see get...
DEBIAN-CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
Go-RouterSocks - Router Sock. One Port Socks For All The Others.
The next step after compromising a machine is to enumerate the network behind. Many tools exist to expose a socks port on the attacker's machine and send all the traffic through a tunnel to the compromised machine. When several socks ports are available, we have to manage different proxychains...
Design/Logic Flaw
LumisXP aka Lumis Experience Platform before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service...
CVE-2021-3252
KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. Credentials will always be returned in plain-text from the local server during the KACO XP100U authentication process, regardless of whatever passwords have been provided, which leads to an information disclosure...
KACO new energy GmbH KACO XP100U Security Vulnerability
KACO new energy GmbH KACO XP100U is an application from KACO new energy GmbH, Germany, that provides new energy conversion. A security vulnerability exists in KACO New Energy XP100U Up to XP-JAVA 2.0, which stems from credentials always being returned in plaintext from the local server, regardles...
Serious vulnerabilities fixed in Dell Wyse ThinOS
Vulnerabilities have been fixed in Dell Wyse ThinOS. A malicious person with access to a local FTP server could exploit the vulnerabilities to obtain sensitive information. The malicious party, by accessing this information and the ability to modify configuration files, the entire system. Dell ha...
Codoforum 4.8.3 - Persistent Cross-Site Scripting
Codoforum 4.8.3 - Persistent Cross-Site Scripting Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-03 Exploit Author: Prasanth c41m, Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link:...
New Relic: Disclosure of locally served nerdpacks due to nr-local.net CORS policy misconfiguration
Hey team, I've discovered that the webserver which serves NR1 nerdpacks locally after nr1 nerdpack:serve is executed allows cross-origin requests from every subdomain of nr-ext.net. Since the nr-ext.net domain is used as a sandbox for user-supplied apps, an attacker can place there a malicious code...
Code injection
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated...
Server side request forgery (ssrf)
A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to rea...
Latest FinSpy Modules Lift Data from Secure Messaging Apps
The latest iOS and Android versions of the FinSpy espionage malware have been deployed in the wild, and are capable of collecting a raft of personal information such as contacts, SMS/MMS messages, emails, calendars, GPS location, photos, files in memory, phone call recordings and data – even from...
Local Server Buffer Overflow Vulnerability
Local Server is a Windows-based Web server. A buffer overflow vulnerability exists in Local Server version 1.0.9. An attacker can exploit this vulnerability to cause a denial of service with specially crafted data...
CVE-2018-18756
Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008...
Buffer overflow
Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008...
CVE-2018-18756
CVE-2018-18756 affects Local Server 1.0.9. A buffer overflow is triggered by crafted data sent to port 4008, leading to Denial of Service. Multiple connected sources (NVD entry, CNVD/PRION/CVE lists, Exploit-DB/Exploit-Pack) corroborate a DoS risk with PoC evidence showing repeated socket connect...
Local Server 1.0.9 Denial Of Service
Exploit Title: Local Server 1.0.9 - Denial of Service PoC Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.ujang-rohidin.blogspot.com/ Software Link: https://sourceforge.net/projects/local-server/files/latest/download Version: 1.0.9 Category: Dos Tested on:...