7656 matches found
GitLab: Persistent XSS on public project page
Details: A project admin can set up a custom issue tracker integration. This setting misses a check to make sure that it's a real URL and, thus, can use the javascript handler to execute arbitrary JavaScript. Browsers use this handler to execute inline JavaScript. This can lead to an account take...
BSA-2016-1052
Security Advisory ID: BSA-2016-1052 | Component: TCP Sequence Number | Revision: 4.0: Final | A vulnerability was discovered in the Transmission Control Protocol (TCP) specification RFC 873. TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a...
Perli 2.6 Filter Bypass / Script Insertion
Document Title: Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1813 | Release Date: 2016-04-05 | Vulnerability Laboratory ID (VL-ID): ...
Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability
Document Title: Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1769 | Release Date: 2016-04-08 | Vulnerability Laboratory ID (VL-ID): ...
Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability
Document Title: Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1769 | Release Date: 2016-04-07 | Vulnerability Laboratory ID (VL-ID): ...
tomcat: non-persistent DoS attack by feeding data by aborting an upload
It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further legitimate connections to the Tomcat server from being made...
Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability
Document Title: Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1813 | Release Date: 2016-04-05 | Vulnerability Laboratory ID (VL-ID): ...
FortiManager / FortiAnalyzer 5.x Script Insertion
Document Title: FortiManager & FortiAnalyzer 5.x Appliance Application - filename Persistent Web Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1687 | Fortinet PSIRT ID: 1624561 | Release Date: 2016-04-04...
Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability
Document Title: Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1813 | Release Date: 2016-04-04 | Vulnerability Laboratory ID (VL-ID): ...
Python v2.7 v1.5.4 iOS - Bypass & Persistent Vulnerability
Document Title: Python v2.7 v1.5.4 iOS - Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1806 | Release Date: 2016-03-31 | Vulnerability Laboratory ID (VL-ID): ...
Python 2.7 For iOS Filter Bypass
Document Title: Python v2.7 v1.5.4 iOS - Filter Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1806 | Release Date: 2016-03-31 | Vulnerability Laboratory ID (VL-ID): ...
Docker UI 0.10.0 Cross Site Scripting
Document Title: Docker UI v0.10.0 - Multiple Persistent Vulnerabilities | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1803 | Release Date: 2016-03-29 | Vulnerability Laboratory ID (VL-ID): 18...
Uber: Stored XSS in archive.uber.com Due to Injection of Javascript:alert(0)
archive.uber.com is vulnerable to an XSS due to injection of Javascript:alert(0) as the downloadurl or the homepage in the setup.py when generating the .tar.gz. As of PEP 0470, the downloadurl and homepage parameters are deprecated. An example of a setup.py that can exploit this is: python from...
PayPal Filter Bypass / Malicious Input
Document Title: PayPal Bug Bounty #121 - Profile Filter Bypass & Persistent Web Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1627 | ID: EIBBP-32725 | Video: http://www.vulnerability-lab.com/getcontent.php?id=1697 | Release Date: ...
PayPal Bug Bounty #121 - Bypass & Persistent Vulnerability
Document Title: PayPal Bug Bounty #121 - Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1627 | ID: EIBBP-32725 | Video: http://www.vulnerability-lab.com/getcontent.php?id=1697 | Release Date: ...
Python v2.7 v1.5.4 iOS - Bypass & Persistent Vulnerability
Document Title: Python v2.7 v1.5.4 iOS - Bypass & Persistent Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1806 | Release Date: 2016-03-30 | Vulnerability Laboratory ID (VL-ID): ...
PayPal Bug Bounty #121 - Bypass & Persistent Vulnerability
Document Title: PayPal Bug Bounty #121 - Bypass & Persistent Vulnerability | References: http://www.vulnerability-lab.com/getcontent.php?id=1696 | Video: https://www.youtube.com/watch?v=ilLmbVC7RVY | Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1627 | Release...