UPDATE: FactionC2 2019-10-20

PenTestIT RSS Feed FactionC2 2019-10-20 was released a couple of days ago by the author. This C2 framework was briefly mentioned in my previous post titled List of Open Source C2 Post-Exploitation Frameworks. This release most importantly contains upgrades to .Net Core 3 version among additional...

Osmedeus v2.1 - Fully Automated Offensive Security Framework For Reconnaissance And Vulnerability Scanning

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Installation git clone https://github.com/j3ssie/Osmedeus cd Osmedeus ./install.sh This install only focus on Kali linux, check more install on Usage page How to use ...

CVE-2019-10716

An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request...

CVE-2019-10716

An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request...

CVE-2019-10716

An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request...

Comment properties do not respect permissions

h3. Issue Summary Comment properties do not respect permissions on the comment like the docs say|https://docs.atlassian.com/software/jira/docs/api/REST/8.4.1/api/2/comment/%7BcommentId%7D/properties-getProperty This issue was reported via bugbounty...

CVE-2019-14832

A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks...

CVE-2019-14832

A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks...

Design/Logic Flaw

A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks...

CVE-2019-14832

CVE-2019-14832 affects Keycloak REST API prior to 8.0.0, allowing an authenticated attacker who knows a user id to access information across realms the user is not configured for, i.e., a cross-realm user access/authorization bypass. Concrete details from connected docs confirm the vulnerability ...

CVE-2019-14832

A flaw was found in the Keycloak REST API where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks...

SugarCRM 9.0.1 SQL Injection

-------------------------------------------------------- SugarCRM = 9.0.1 Multiple SQL Injection Vulnerabilities -------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Version 9.0.1 and prior versions, 8.0.3 and prior versions. -...

Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS REST API readbolarray functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return blocks of program...

Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return arbitrary memory,...

Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability

Summary An exploitable denial of service vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to enter a non-recoverable fault...

Sql injection

MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...

Security Bulletin: Secure values are recoverable via REST API (CVE-2019-4232)

Summary IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive values from the REST API that could be used in further attacks against the system. Vulnerability Details CVEID: CVE-2019-4232 DESCRIPTION: IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive...

PT-2019-5224 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 3.7 through 5.3.0 Description: The issue is related to an authentication error in the class-wp-rest-posts-controller function of the WordPress content management system, allowing users to mark posts as sticky via the REST...

CVE-2019-11464

Some enterprises require that REST API endpoints include security-related headers in REST responses. Headers such as X-Frame-Options and X-Content-Type-Options are generally advisable, however some information security professionals additionally look for X-Permitted-Cross-Domain-Policies and...

CVE-2019-11464

CVE-2019-11464 affects Couchbase Server Views REST API (port 8092), where security headers were not included in versions 5.5.0 and 5.1.2. The issue is that headers such as X-Frame-Options, X-Content-Type-Options, X-Permitted-Cross-Domain-Policies, and X-XSS-Protection were missing in responses. T...