PT-2020-12797 · Kong · Docker-Kong

Name of the Vulnerable Software and Affected Versions: docker-kong versions through 2.0.3 Description: An issue was discovered where the admin API port may be accessible on interfaces other than 127.0.0.1. The vendor argues that this is not a vulnerability because it has an inaccurate bug scope a...

CVE-2020-11499

Firmware Analysis and Comparison Tool FACT 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongotaskconversion.py...

Cross site scripting

Firmware Analysis and Comparison Tool FACT 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongotaskconversion.py...

CVE-2020-11499

FACT 3 from Firmware Analysis and Comparison Tool shows a Stored XSS vulnerability when updating analysis details via a localhost web request, caused by mishandling of the tags and version fields in helperFunctions/mongo_task_conversion.py. This is corroborated by multiple CVE references (NVD, Re...

CVE-2020-11499

Firmware Analysis and Comparison Tool FACT 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongotaskconversion.py...

CVE-2018-18506

When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration PAC file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...

CVE-2020-10807

authsvc in Caldera before 2.6.5 allows authentication bypass for REST API requests via a forged "localhost" string in the HTTP Host header...

Internet Bug Bounty: URN Request bypass ACL Checks

Summary: Attacker can bypass ACL checks gaining access to restricted HTTP servers such as those running on localhost. Attacker could also gain access to CacheManager if VIA header is turned off. Only lines with : will be readable though, and the response must be less than 4096 bytes or it'll...

CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

DEBIAN-CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

UBUNTU-CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

CVE-2020-7943

Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as well as function names...

puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API

Puppetlabs reports: Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as we...

CVE Api - Parse & filter the latest CVEs from cve.mitre.org

Parse & filter the latest CVEs from https://cve.mitre.org. Docs Usage http://localhost:4000/cve?target=KEYWORD The year parameter is optional. http://localhost:4000/cve?target=KEYWORD&year=YEAR Examples http://localhost:4000/cve?target=ruby%20on%20rails...

AVideo Platform 8.1 Cross Site Request Forgery

Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery Password Reset Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...

lemlist: SSRF in img.lemlist.com that leads to Localhost Port Scanning

Summary: A SSRF attack can be performed leading to localhost port scanning. Link : https://img.lemlist.com/api/image-templates/itpvBBNpQuMsy6FYLQAc/?preview=true&email=email@ Steps To Reproduce: To perform this port scan you'll need to setup a few files. First of all you need to change the url in...

CVE-2019-19696

A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to...

curl: Port and service scanning on localhost due to improper URL validation.

Summary: Generally web masters and developers protect user-accessible CURL from requesting forbidden domains so that the attacker is not able to access internal resources. It is usually done using regular expressions. Mostly addresses like 127.x.x.x, 192.168.x.x and "integer" notation of IP...

Codoforum 4.8.3 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Exploit Author: Prasanth c41m, Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy...

CVE-2012-6094

cups Common Unix Printing System 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system...