Lucene search
6254 matches found

WPVulnDB
added 2021/08/16 12:0 a.m., 20 views

Email Artillery <= 4.1 - Arbitrary File Upload

The plugin does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well. However, due to the presence of a .htaccess, denyin...

CVSS 6.8, AI score 6.5, EPSS 0.0054
Exploits: 2, Affected Software: 1

Packet Storm
added 2021/08/16 12:0 a.m., 350 views

COMMAX Biometric Access Control System 1.0.0 Authentication Bypass

COMMAX Biometric Access Control System 1.0.0 Authentication Bypass Vendor: COMMAX Co., Ltd. Product web page: https://www.commax.com Affected version: 1.0.0 Summary: Biometric access control system. Desc: The application suffers from an authentication bypass vulnerability. An unauthenticated...

AI score 1.4
Exploits: 0

0day.today
added 2021/08/16 12:0 a.m., 206 views

COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Vulnerability

Exploit Title: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Biometric Access Control System 1.0.0 Authentication Bypass Vendor: COMMAX Co., Ltd. Product web page: https://www.commax.com Affected...

AI score 0.8
Exploits: 0

Gitee
added 2021/08/15 11:58 p.m., 20 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This is an open-source collection of vulnerable web applications and environments for security testing and education. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...

CVSS 9.8, AI score 7, EPSS 0.99686
Exploits: 61

IBM Security Bulletins
added 2021/08/12 10:14 p.m., 46 views

Security Bulletin: Multiple vulnerabilities in F5 NGINX Controller affect IBM Cloud Pak for Automation

Summary The vulnerabilities are related to F5 NGINX Controller, included in the pfs-nginx-prod docker image, that is deployed by IBM Process Federation Server. Vulnerability Details CVEID: CVE-2021-23018 DESCRIPTION: F5 NGINX Controller could allow a remote attacker to obtain sensitive...

CVSS 7.8, AI score 1.3, EPSS 0.52838
Exploits: 10, Affected Software: 1

IBM Security Bulletins
added 2021/08/12 5:41 p.m., 49 views

Security Bulletin: IBM API Connect is affected by PHP (CVE-2015-9253) and nginx (CVE-2016-0746) vulnerabilities

Summary IBM API Connect Developer Portal has addressed the following vulnerabilities. PHP is vulnerable to a denial of service, caused by an endless loop in the php-fpm main process. A remote attacker could exploit this vulnerability to exhaust CPU and disk space resources. Nginx is vulnerable to...

CVSS 9.8, AI score 8, EPSS 0.08625
Exploits: 1, Affected Software: 1

Tenable Nessus
added 2021/08/10 12:0 a.m., 41 views

EulerOS 2.0 SP8 : nginx (EulerOS-SA-2021-2308)

According to the version of the nginx packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byt...

CVSS 7.7, AI score 7.8, EPSS 0.52838
Exploits: 10, References: 2

CNVD
added 2021/08/09 12:0 a.m., 17 views

Roxy-WI SQL Injection Vulnerability

Roxy-WI is a web interface for managing Haproxy, Nginx, and Keepalived servers. SQL injection vulnerabilities exist in Roxy-WI 5.2.2.0 and earlier versions, which can be exploited by attackers to conduct SQL injection attacks via selectservers...

CVSS 8.8, AI score 4.3, EPSS 0.00939
Exploits: 0, References: 1

OpenVAS
added 2021/08/09 12:0 a.m., 25 views

Huawei EulerOS: Security Advisory for nginx (EulerOS-SA-2021-2308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.7, AI score 6.4, EPSS 0.52838
Exploits: 10, References: 2

CNVD
added 2021/08/09 12:0 a.m., 20 views

Roxy-WI Command Injection Vulnerability

Roxy-WI, the web interface for managing Haproxy, Nginx, and Keepalived servers, is vulnerable to a command injection vulnerability in Roxy-WI 5.2.2.0 and earlier. An attacker can exploit this vulnerability to conduct command injection attacks via /app/funct.py and /api/apifunct.py...

CVSS 8.8, AI score 4.5, EPSS 0.01528
Exploits: 0, References: 1

CNNVD
added 2021/08/07 12:0 a.m., 5 views

Roxy-WI SQL Injection Vulnerability

Roxy-WI is a web interface for managing Haproxy, Nginx, and Keepalived servers. SQL injection vulnerabilities exist in Roxy-WI 5.2.2.0 and earlier versions, which can be exploited by attackers to conduct SQL injection attacks via selectservers...

CVSS 8.8, AI score 5.8, EPSS 0.00939
Exploits: 0, References: 2

Tenable Nessus
added 2021/07/30 12:0 a.m., 44 views

Nginx Vhost Traffic Status Information Disclosure

It is possible to obtain an overview of the remote Nginx web server's Vhost traffic activity and performance by requesting the URL '/status'. This overview includes information such as current hosts, server version and requests being processed, the number of workers idle and service requests, and...

AI score 7.1
Exploits: 0, References: 1

RedHat Linux
added 2021/07/29 5:36 p.m., 1 views

nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in...

CVSS 7.7, AI score 8, EPSS 0.52838
Exploits: 10, References: 4

Packet Storm
added 2021/07/29 12:0 a.m., 207 views

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page: http://www.ljkj2012.com Affected version: 1.21 Summary: Battery Energy Management System. Desc: The application suffers from an unauthenticated arbitrary file download vulnerability. Inp...

AI score 7.4
Exploits: 0

Exploit DB
added 2021/07/29 12:0 a.m., 239 views

Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download

Exploit Title: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.ljkj2012.com Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page:...

AI score 7.4
Exploits: 0

Zero Science Lab
added 2021/07/28 12:0 a.m., 437 views

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download

Summary Battery Energy Management System. Description The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited t...

CVSS 8.7, AI score 7.3, EPSS 0.01136
Exploits: 1

Tenable Nessus
added 2021/07/16 12:0 a.m., 77 views

openSUSE 15 Security Update : nginx (openSUSE-SU-2021:1815-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1815-1 advisory. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause...

CVSS 7.7, AI score 7.8, EPSS 0.52838
Exploits: 10, References: 4

OpenVAS
added 2021/07/13 12:0 a.m., 41 views

openSUSE: Security Advisory for nginx (openSUSE-SU-2021:1815-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.7, AI score 7, EPSS 0.52838
Exploits: 10, References: 2

OSV
added 2021/07/10 5:41 p.m., 14 views

OPENSUSE-SU-2021:1815-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126...

CVSS 7.7, AI score 7.9, EPSS 0.52838
Exploits: 10, References: 3

OPENSUSE Linux
added 2021/07/10 12:0 a.m., 57 views

Security update for nginx (important)

openSUSE Security Update: Security update for nginx Announcement ID: openSUSE-SU-2021:1815-1 Rating: important References: 1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-23017 SUSE: 8.1...

CVSS 8.1, AI score 7.3, EPSS 0.52838
Exploits: 10, References: 1