CVE-2016-10661

phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on...

Remote code execution

phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on...

CVE-2016-10661

Summary: CVE-2016-10661 affects phantomjs-cheniu, a headless WebKit with JS API, which downloads binary resources over HTTP. The unencrypted HTTP channel enables MITM interception, allowing an attacker with network position to swap the requested binary and potentially trigger remote code executio...

CVE-2016-10661

phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on...

CVE-2016-10625

headless-browser-lite is a minimal npm installer for phantomjs and slimerjs with no external dependencies. headless-browser-lite downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested...

CVE-2016-10625

CVE-2016-10625 affects headless-browser-lite, a minimal npm installer for phantomjs/slimerjs. The vulnerability arises from downloading binary resources over HTTP, enabling an attacker on the network to perform a MITM swap of the requested binary, potentially leading to remote code execution on t...

Node.js third-party modules: [markdown-pdf] Local file reading

I would like to report local file reading in markdown-pdf It allows to insert a malicious html code, which allows to read the local files. Module module name: markdown-pdf version: 8.1.1 npm page: https://www.npmjs.com/package/markdown-pdf Module Description Node module that converts Markdown fil...

CVE-2016-10682

massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...

Remote code execution

massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...

CVE-2016-10682

massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between th...

CVE-2016-10682

The CVE-2016-10682 issue affects massif, a PhantomJS fork, which downloads resources over HTTP. The underlying risk is a MITM could replace fetched resources with attacker-controlled binaries, potentially enabling remote code execution when the user retrieves those resources. Multiple sources des...

changeme - A Default Credential Scanner

A default credential scanner. About Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are...

dorkbot - Scan Google Search Results for Vulnerabilities

dorkbot is a modular command-line tool for performing vulnerability scans against a set of webpages returned by Google search queries in a given Google Custom Search Engine. It is broken up into two sets of modules: Indexers - modules that issue a search query and return the results as targets...

NagaScan - Distributed Passive Scanner for Web Application

What is NagaScan NagaScan is a distributed passive vulnerability scanner for Web application. What NagaScan do NagaScan currently support some common Web application vulnerabilities, e.g. XSS, SQL Injection, File Inclusion etc How NagaScan work Config a proxy, e.g. Web Browser proxy or mobile Wi-...

From PhantomJS picture rendering of XSS vulnerabilities to the SSRF/local file read vulnerability-vulnerability warning-the black bar safety net

One, Foreword Recently I was invited to study a vulnerability reward project, this project can be based on user input to generate a picture, in order for users to download. After a period time of exploring, I found a way to exploit the path, you can use the picture inside theXSSthe vulnerability ...

Moderate: Red Hat Security Advisory: Red Hat Mobile Application Platform 4.2.1 Security Update - SDKs and RPMs

Updated packages that provide Red Hat Mobile Application Platform 4.2.1, fixed several bugs, and added various enhancements that are now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste...

Downloads Resources over HTTP

Overview Affected versions of phantomjs-cheniu insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

PhantomJS Denial of Service Vulnerability

PhantomJS is a set of WebKit-based server-side JavaScript API. A denial of service vulnerability exists in PhantomJS version 2.1.1. An attacker can exploit this vulnerability to crash the application and cause a denial of service...

Htcap - web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes

htcap is a web application scanner able to crawl single page application SPA in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused mainly on the crawling process and uses external tools to discover vulnerabilities. It'...

Yahoo! Launches Free Web Application Security Scanner

Yahoo! has open-sourced Gryffin – a Web Application Security Scanner – in an aim to improve the safety of the Web for everyone. Currently in its beta, Project Gryffin has made available on Github under the BSD-style license that Yahoo! has been using for a number of its open-sourced projects...