Directory traversal

There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" sequences../../ to view host file on the system. This vulnerability can cause information leakage...

CourseMS 2.1 - (name) Stored XSS Vulnerability

Exploit Title: CourseMS 2.1 - 'name' Stored XSS Exploit Author: cptsticky Vendor Homepage: http://sourceforge.net/projects/coursems Software Link: https://sourceforge.net/projects/coursems/files/latest/download Version: 2.1 Tested on: Ubuntu 20.04 POST /coursems/admin/addjobs.php HTTP/1.1 Host:...

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

ALPINE-CVE-2021-22884

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DN...

Open Redirect

Overview Slashify is an Express middleware that normalises routes by stripping any final slash, redirecting, for example, bookings/latest/ to bookings/latest. However, it does not validate the path it redirects to in any way. In particular, if the path starts with two slashes or two backslashes, ...

CVE-2021-3189

The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring...

Npm slashify input validation error vulnerability

Npm slashify is an application from the US Npm community. It is provided for handling trailing slashes with options. An input validation error vulnerability exists in Npm slashify. The vulnerability stems from a web-based system or product that does not properly validate input data, which could...

CVE-2021-20199

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

DEBIAN-CVE-2021-20199

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

AZL-7329 CVE-2021-20199 affecting package podman for versions less than 4.1.1-1

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

CVE-2021-20199

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

UBUNTU-CVE-2021-20199

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

CVE-2021-20199

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

CVE-2021-20199

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...

Podman onwards Access Control Error Vulnerability

Podman is an engine for developing, managing and running OCI containers on Linux systems. A security vulnerability exists in Podman 1.8.0 onwards, which originates from containerized applications that by default trust the localhost 127.0.01 connection and do not require authentication...

EgavilanMedia PHPCRUD 1.0 Cross Site Scripting

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting Exploit Author: Mahendra Purbia Vendor Homepage: http://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Windows 10 Vulnerable...