122 matches found
Trend Micro Deep Discovery Inspector IDS - Security Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DEEP-DISCOVERY-INSPECTOR-PERCENT-ENCODING-IDS-BYPASS.txt + ISR: Apparition Security Vendor www.trendmicro.com Product Deep Discovery Inspector Deep Discovery...
MailEnable Trust Management Vulnerability
MailEnable is a suite of POP3 and SMTP mail servers from MailEnable Australia. A security vulnerability exists in MailEnable versions prior to 8.60. The vulnerability stems from AUTH.TAB incorrectly handling the '%0A' sequence after receiving a password change request. An attacker can exploit the...
CVE-2016-8622
The URL percent-encoding decode function in libcurl before 7.51.0 is called curleasyunescape. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get...
CVE-2016-8622
The URL percent-encoding decode function in libcurl before 7.51.0 is called curleasyunescape. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get...
UBUNTU-CVE-2018-9846
In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...
CVE-2016-10367
In Opsview Monitor Pro Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request utilizing a simple URL encoding...
Cross site scripting
Cross-site scripting XSS vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal...
CVE-2016-6334
Cross-site scripting XSS vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal...
CVE-2016-6334
Cross-site scripting XSS vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal...
DEBIAN-CVE-2016-6334
Cross-site scripting XSS vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal...
CVE-2016-6334
The CVE-2016-6334 issue affects MediaWiki and is caused by the Parser::replaceInternalLinks2 path, enabling XSS via improper handling of percent-encoded content in unclosed internal links. Affected versions include MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1. The vuln...
DEBIAN-CVE-2017-7443
apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0ad regular expression...
Debian DSA-3705-1 : curl - security update
Several vulnerabilities were discovered in cURL, an URL transfer library : - CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. - CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case...
URL unescape heap overflow via integer truncation
The URL percent-encoding decode function in libcurl is called curleasyunescape. Internally, even if this function would be made to allocate a destination buffer larger than 2GB, it would return that new length in a signed 32-bit integer variable, thus the length would get either truncated only or...
JavaScript Percent-Encoding Obfuscation
Although various security products provide coverage against many web vulnerabilities, such as ActiveX exploits, these known exploits could potentially bypass security products by using JavaScript obfuscation techniques.An example of such a technique is percent-encoding, also known as URL encoding...
DEBIAN-CVE-2014-2525
Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...
PT-2011-3356 · Mediawiki · Mediawiki
Cross-site scripting XSS vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction wit...
PT-2008-1472 · Apache +1 · Apache Tomcat +1
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.36 Apache Tomcat versions 5.5.0 through 5.5.25 Apache Tomcat versions 6.0.0 through 6.0.14 Description: The issue arises from improper handling of double quote " characters or %5C encoded backslash...
Design/Logic Flaw
web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to upload certain files 1 via a crafted filename or 2 by "using percent encoding in forms."...
CVE-2007-1832
The CVE-2007-1832 vulnerability affects web-app.org WebAPP prior to version 0.9.9.6. It allows remote authenticated users to upload certain files through two vectors: (1) via a crafted filename and (2) by using percent encoding in forms. The available sources describe the issue and confirm the up...