176 matches found
Lyft: My Expense Report resulted in a Server-Side Request Forgery (SSRF) on Lyft
During a trip to a conference, I discovered that the Lyft app allowed users to create expense reports by exporting business ride history as a PDF or CSV file. Being an active Lyft user, this was excellent news to me since it made my life easier by simplifying the tedious process of work travel...
Hackers use PDF generator to steal the WEB files on the server-the vulnerabilities and early warning-the black bar safety net
TCPDF PDF generator is the most popular today for creating a PDF document the PHP library one of today's most popular open source projects. It every day with millions of user usage, the carrier generally is a CMS program or other WEB application. However, the hacker using TCPDF's a loophole that...
openSUSE Security Update : python-logilab-common (openSUSE-SU-2014:0306-1)
The Python logilab-common module was updated to fix several temporary file problems, one in the PDF generator CVE-2014-1838 and one in the shellutils helper CVE-2014-1839. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
Crimepack 3.1.3 Exploit kit Leaked, available for Download !
Crimepack 3.1.3 Exploit kit Leaked, available for Download ! Part 1: Java Exploit As stated above, I focus on a malware that exploits a recent JRE vulnerability: CVE-2010-0840 to execute malicious files on a victim system. This malware comes inside a jar file, which contains the following two...
CVE-2008-3049
The PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors...
CVE-2008-3050
Unspecified vulnerability in the PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors...
CVE-2008-3048
Unspecified vulnerability in the PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."...
Code injection
Unspecified vulnerability in the PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."...
Code injection
Unspecified vulnerability in the PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors...
Information disclosure
The PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors...
CVE-2008-3049
Technical details (affected component, versions, root cause, exploit vectors) are not provided in the supplied documents. Monitor for updates from NVD/CVE databases for clarified impact and remediation.
CVE-2008-3049
The PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors...
CVE-2008-3048
Unspecified vulnerability in the PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."...
CVE-2008-3050
The CVE-2008-3050 entry affects TYPO3’s PDF Generator 2 extension (pdf_generator2) up to version 0.5.0 and earlier. The vulnerability is described as an unspecified DoS vector that attackers can trigger, but no concrete root cause, exploit method, affected subcomponents, or workaround is provided...
CVE-2008-3048
CVE-2008-3048 concerns the PDF Generator 2 (pdf_generator2) extension for TYPO3 (versions 0.5.0 and earlier). The vulnerability is described as unspecified with unknown impact and attack vectors, related to an "Unprotected test functionality." The connected documents provide the affected product ...
CVE-2008-3050
Unspecified vulnerability in the PDF Generator 2 pdfgenerator2 extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors...