Lucene search

55 matches found

BDU FSTEC
added 2024/12/23 12:0 a.m., 10 views

The vulnerability of the CyberPanel web hosting control panel, related to the lack of measures to neutralize specific elements, allows a hacker to execute arbitrary commands.

The vulnerability of the CyberPanel web hosting control panel exists due to the lack of measures taken to neutralize certain elements. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands using a specially created HTTP OPTIONS request...

9 CVSS, 5.9 AI score, 0.10759 EPSS
Exploits 2, References 6, Affected Software 1
Packet Storm
added 2024/09/01 12:0 a.m., 611 views

Microsoft IIS Shortname Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS shortname vulnerability scanner', 'Description' = %q The vulnerability is caused by a tilde character "~" in a GET or OPTIONS reques...

7.4 AI score
Exploits 0
SUSE CVE
added 2023/02/15 6:3 a.m., 4 views

SUSE CVE-2009-2816

The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to...

6.8 CVSS, 6.3 AI score, 0.01553 EPSS
Exploits 2, References 4
SUSE CVE
added 2023/02/15 4:44 a.m., 7 views

SUSE CVE-2017-9798

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...

5.9 CVSS, 9.6 AI score, 0.94999 EPSS
Exploits 9, References 13
Huntr
added 2022/06/17 4:39 p.m., 16 views

Privilege Escalation via edit response body

Description: Recently, I found a business logic vulnerability, and this vulnerability allows a reader user to perform privilege escalation on the allaccess user. Because before a user performs any function, the client side will perform an OPTIONS request to view the user's permission for the specified function via the response body. I...

0.6 AI score
Exploits 0
CNNVD
added 2022/03/28 12:0 a.m., 3 views

IBM ISS BlackICE PC Security Vulnerability

IBM ISS BlackICE PC is a personal firewall/IDS for Windows desktops from International Business Machines (IBM). A security vulnerability exists in IBM ISS BlackICE PC Protection that stems from Cross Site Scripting Detection causing an elevation of privilege when processing operations that are part...

9.8 CVSS, 5.3 AI score, 0.01006 EPSS
Exploits 0, References 4
OSV
added 2021/02/25 5:15 p.m., 1 views

GHSA-J95H-WMX9-4279 Denial of Service

Withdrawn: Duplicate of GHSA-j95h-wmx9-4279. Affected versions of the package are vulnerable to a Denial of Service attack sending an OPTIONS request for an undefined route...

7 AI score
Exploits 0, References 1
Github Security Blog
added 2021/02/25 5:15 p.m., 13 views

Denial of Service

Withdrawn: Duplicate of GHSA-j95h-wmx9-4279. Affected versions of the package are vulnerable to a Denial of Service attack sending an OPTIONS request for an undefined route...

4.8 AI score
Exploits 0, References 2, Affected Software 1
OSV
added 2020/03/05 1:15 a.m., 13 views

CVE-2020-10105

An issue was discovered in Zammad 3.0 through 3.2. It returns source code of static resources when submitting an OPTIONS request, rather than a GET request. Disclosure of source code allows for an attacker to formulate more precise attacks. Source code was disclosed for the file 404.html...

5.3 CVSS, 7 AI score
Exploits 0, References 1
NVD
added 2019/07/03 5:15 p.m., 11 views

CVE-2019-5630

A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request...

8.8 CVSS, 6.9 AI score, 0.0089 EPSS
Exploits 0, References 1
CVE
added 2019/07/03 5:0 p.m., 87 views

CVE-2019-5630

CVE-2019-5630 affects Rapid7 Nexpose InsightVM Security Console. The vulnerability is a Cross-Site Request Forgery (CSRF) in API endpoints that can be exploited via Flash to bypass a cross-domain pre-flight OPTIONS request. Affected versions are 6.5.0 through 6.5.68. The issue arises from insuffi...

8.8 CVSS, 7.5 AI score, 0.0089 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2019/07/03 5:0 p.m., 14 views

CVE-2019-5630 Rapid7 Nexpose/InsightVM Security Console CSRF

A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request...

5.9 CVSS, 9 AI score, 0.0089 EPSS
Exploits 0, References 1
Metasploit
added 2018/08/30 8:46 a.m., 64 views

Microsoft IIS shortname vulnerability scanner

The vulnerability is caused by a tilde character "~" in a GET or OPTIONS request, which could allow remote attackers to disclose 8.3 filenames (short names). In 2010, Soroush Dalili and Ali Abbasnejad discovered the original bug (GET request). This was publicly disclosed in 2012. In 2014, Soroush...

7.3 AI score
Exploits 0
Check Point Advisories
added 2017/09/18 12:0 a.m., 32 views

Apache HTTP Optionsbleed Memory Leak (CVE-2017-9798)

A use-after-free vulnerability exists in Apache HTTP Server. A remote attacker can exploit this issue by sending an OPTIONS request to the vulnerable system. A successful attack may lead to memory leakage and loss of private data...

5 CVSS, 1.4 AI score, 0.94999 EPSS
Exploits 9
Apache Tomcat
added 2017/05/10 12:0 a.m., 59 views

Fixed in Apache Tomcat 9.0.0.M21

Important: Security Constraint Bypass (CVE-2017-5664). The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5 CVSS, 7.6 AI score, 0.16567 EPSS
Exploits 1, Affected Software 1
Tenable Nessus
added 2014/03/17 12:0 a.m., 28 views

Fedora 19 : subversion-1.7.16-1.fc19 (2014-3567)

This update includes the latest stable release of Apache Subversion 1.7, fixing a security issue (CVE-2014-0032): Subversion's mod_dav_svn Apache HTTPD server module will crash when it receives an OPTIONS request against the server root and Subversion is configured to handle the server root and...

4.3 CVSS, 7.7 AI score, 0.11052 EPSS
Exploits 0, References 4
OSV
added 2014/02/27 10:0 p.m., 5 views

MGASA-2014-0105 Updated subversion packages fix CVE-2014-0032

Updated subversion packages fix security vulnerability: The mod_dav_svn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via an OPTIONS request (CVE-2014-0032). The package has been updated to version 1.8.8, which...

4.3 CVSS, 6.3 AI score, 0.11052 EPSS
Exploits 0, References 4
OSV
added 2014/02/27 9:58 p.m., 6 views

MGASA-2014-0104 Updated subversion packages fix CVE-2014-0032

Updated subversion packages fix security vulnerability: The mod_dav_svn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via an OPTIONS request (CVE-2014-0032). The package has been patched to correct this issue...

4.3 CVSS, 6.3 AI score, 0.11052 EPSS
Exploits 0, References 5
FreeBSD
added 2014/01/10 12:0 a.m., 23 views

subversion -- mod_dav_svn vulnerability

Subversion Project reports: Subversion's mod_dav_svn Apache HTTPD server module will crash when it receives an OPTIONS request against the server root and Subversion is configured to handle the server root and SVNListParentPath is on. This can lead to a DoS. There are no known instances of this...

4.3 CVSS, 8.5 AI score, 0.11052 EPSS
Exploits 0, References 2
OpenVAS
added 2011/06/01 12:0 a.m., 34 views

Nmap NSE net: http-methods

Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods. Optionally tests each method individually to see if they are subject to e.g. IP address restrictions. In this script, 'potentially risky' methods are anything except GET, HEAD,...

7 AI score
Exploits 0