347 matches found
A map plugin for Mincraft server "Dynmap" fails to restrict access permissions
Overview A map plugin for Mincraft server "Dynmap" fails to restrict access permissions CWE-284. RyotaK directly reported this vulnerability to the developer and coordinated on his own. After coordination was completed, this case was reported to IPA, and JPCERT/CC coordinated with the developer f...
JVN#89046645: A map plugin for Minecraft server "Dynmap" fails to restrict access permissions
A map plugin for Minecraft server "Dynmap" fails to restrict access permissions CWE-284. Impact Under the circumstance where a user is required to login Dynmap, a remote attacker may bypass the login authentication and be able to see a map image that requires authentication. Solution Update the...
50,000 Minecraft users infected with hard drive wiping malware
By Waqas Here is why you should avoid downloading mods and skins This is a post from HackRead.com Read the original post: 50,000 Minecraft users infected with hard drive wiping malware...
minecraft-italia.it XSS vulnerability
Open Bug Bounty ID: OBB-593423 Description| Value ---|--- Affected Website:| minecraft-italia.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Minecraft Servers List Lite and Premium Minecraft Servers List Unauthenticated Upload Vulnerability
Minecraft Servers List Lite is a lite version of a set of scripts for displaying a list of Minecraft game servers.Premium Minecraft Servers List is its premium version. A security vulnerability in the install.php file in versions of Minecraft Servers List Lite prior to commit c1cd164 and Premium...
Code injection
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the 1 databaseserver, 2...
CVE-2018-5749
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the 1 databaseserver, 2...
CVE-2018-5749
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the 1 databaseserver, 2...
CVE-2018-5749
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the 1 databaseserver, 2...
CVE-2018-5749
CVE-2018-5749 affects Minecraft Servers List Lite (pre-commit c1cd164) and Premium Minecraft Servers List (pre-2.0.4). The root cause is failure to sanitize/filter database connection information before storing it in connect.php, enabling a remote attacker to execute arbitrary PHP code via the pa...
minecraft-serverlist.net XSS vulnerability
Open Bug Bounty ID: OBB-494130 Description| Value ---|--- Affected Website:| minecraft-serverlist.net Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...
minecraft-forum.net Open Redirect vulnerability
Open Bug Bounty ID: OBB-452900 Description| Value ---|--- Affected Website:| minecraft-forum.net Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet...
More trouble in Google Play land
This is not a good week for Google, it seems. After our mobile security experts repeatedly discovered adware on several apps on the Google Play store, our friends at Symantec have unearthed at least eight malicious apps that are found capable of adding affected mobile devices to a botnet. Accordi...
Android Apps Infected with Sockbot Malware Turn Devices into Botnet
By Waqas Cybercriminals apparently are well aware of the fact that Minecraft This is a post from HackRead.com Read the original post: Android Apps Infected with Sockbot Malware Turn Devices into Botnet...
minecraft-rus.ru Open Redirect vulnerability
Vulnerable URL: http://minecraft-rus.ru/forum/away.php?s=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 1790829 VIP website status:| No Check...
Minecraft 1.6.61 Privilege Escalation
Minecraft Launcher: https://minecraft.net Version: 1.6.61 By Ross Marks: http://www.rossmarks.co.uk Exploit-db: https://www.exploit-db.com/author/?a=8724 Category: Local Tested on: Windows 10 x86/x64 1 Insecure File Permissions Local Privilege Escalation Minecraft's launcher minecraftLauncher.exe...
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Exploit for windows platform in category local exploits Minecraft Launcher: https://minecraft.net Version: 1.6.61 By Ross Marks: http://www.rossmarks.co.uk Exploit-db: https://www.exploit-db.com/author/?a=8724 Category: Local Tested on: Windows 10 x86/x64 1 Insecure File Permissions Local Privile...
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation Minecraft Launcher: https://minecraft.net Version: 1.6.61 By Ross Marks: http://www.rossmarks.co.uk Exploit-db: https://www.exploit-db.com/author/?a=8724 Category: Local Tested on: Windows 10 x86/x64 1 Insecure File...
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
Minecraft Launcher: https://minecraft.net Version: 1.6.61 By Ross Marks: http://www.rossmarks.co.uk Exploit-db: https://www.exploit-db.com/author/?a=8724 Category: Local Tested on: Windows 10 x86/x64 1 Insecure File Permissions Local Privilege Escalation Minecraft's launcher minecraftLauncher.exe...
Toolbox for Minecraft: PE - Dangerous filesystem permissions, Hardcoded secrets, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Toolbox for Minecraft: PE published at the 'play' market has multiple vulnerabilities...