287 matches found
Apple iOS CFNetwork cookie rewriting vulnerability
iOS is an operating system developed by Apple for mobile devices. A rewrite vulnerability exists in the Apple iOS CFNetwork cookie. An attacker can exploit this vulnerability to rewrite cookie values via a remote web server...
Apple iOS Warns of Message Denial of Service Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in Apple iOS that allows a remote WEB server to generate a large number of alert messages, resulting in a denial-of-service attack...
WordPress Multiple XSS
According to its version number, the WordPress application running on the remote web server is either version 3.7.x prior to 3.7.8, 3.8.x prior to 3.8.8, 3.9.x prior to 3.9.6, 4.1.x prior to 4.1.5, or 4.2.x prior to 4.2.2. It is, therefore, potentially affected by multiple cross-site scripting...
X2Engine < 4.0 ProfileController.php Unrestricted File Upload Vulnerability
According to its version number, the X2Engine application installed on the remote web server is prior to version 4.0. It is, therefore, potentially affected by a file upload vulnerability in the '/protected/controllers/ProfileController.php' script. An attacker can exploit this issue to upload...
MyBB < 1.6.13 Multiple Vulnerabilities
Binary data 8629.prm...
PHP 5.5.x < 5.5.19 'donote' DoS
According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.19. It is, therefore, affected by an out-of-bounds read error in the function 'donote' within the file 'ext/fileinfo/libmagic/readelf.c' that could allow application crashes. Note that Nessus has not...
Splunk Enterprise 4.3.x / 5.0.x < 5.0.9 / 6.0.x < 6.0.5 / 6.1.x < 6.1.2 Multiple OpenSSL Vulnerabilities
According to its version number, the Splunk Enterprise hosted on the remote web server is 4.3.x, 5.0.x prior to 5.0.9, 6.0.x prior to 6.0.5, or 6.1.x prior to 6.1.2. It is, therefore, affected by multiple OpenSSL-related vulnerabilities : - An unspecified error exists that allows an attacker to...
Galacticomm Worldgroup 3.20 Remote Web Server Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4186/info Galacticomm Worldgroup is a community building package of both client and server software for Microsoft Windows. Worldgroup is based on BBS software, and includes web and ftp servers. A vulnerability has been...
OSSIM tele_compress.php Directory Traversal
The OSSIM install hosted on the remote host has a directory traversal vulnerability. Input to the 'timestamp' parameter of the '/ossim/ocsreports/telecompress.php' script is not properly sanitized. A remote attacker could exploit this to download arbitrary files, subject to the privileges under...
Splunk < 5.0.6 Unspecified XSS
According to its version number, the Splunk Web hosted on the remote web server is affected by an unspecified cross-site scripting vulnerability. An attacker can exploit this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the...
Cacti < 0.8.8b Command and SQL Injections
Binary data 8004.prm...
BigTree CMS index.php SQL Injection
The BigTree CMS install hosted on the remote web server fails to sanitize user-supplied input to the application's 'site/index.php' script before using it in a database query. An unauthenticated attacker may be able to exploit this issue to manipulate database queries, leading to disclosure of...
Gallery 3.0.x < 3.0.8 Multiple XSS
According to its version number, the Gallery install hosted on the remote web server contains cross-site scripting vulnerabilities in the 'uploadify.swf' and 'flowplay.swf' files, where URL fragments and parameters are not properly sanitized when called via direct requests. An attacker may be abl...
Apache Struts 2 Crafted Parameter Arbitrary OGNL Expression Remote Command Execution
The remote web application appears to use Struts 2, a web framework that utilizes OGNL Object-Graph Navigation Language as an expression language. Due to a flaw in the evaluation of an OGNL expression, a remote, unauthenticated attacker can exploit this issue to execute arbitrary commands on the...
afd
This plugin sends custom requests to the remote web server in order to verify if the remote network is protected by an IPS or WAF. afd plugin detects both TCP-Connection-reset and HTTP level filters, the first one usually implemented by IPS devices is easy to verify: if afd requests the custom pa...
hmap
This plugin fingerprints the remote web server and tries to determine the server type, version and patch level. It uses fingerprinting, not just the Server header returned by remote server. This plugin is a wrapper for Dustin Lees hmap. One configurable parameters exist: genFpF If genFpF is set t...
fingerprint_os
This plugin fingerprints the remote web server and tries to determine the Operating System family Windows, Unix, etc.. The fingerprinting is at this moment really trivial, because it only uses one technique: windows path separator in the URL. For example, if the input URL is...
Splunk 5.0.x < 5.0.3 Multiple Vulnerabilities
According to its version number, the Splunk Web hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by an unspecified cross-site scripting vulnerability. An attacker can exploit this issue to inject arbitrary HTML and script code into a user's...
Citrix Access Gateway User Web Interface Detection
The remote web server hosts the web interface for using Citrix Access Gateway, an SSL VPN appliance. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65951; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/22";...
Citrix Access Gateway Administrative Web Interface Detection
The remote web server hosts the web interface for administering Citrix Access Gateway, an SSL VPN appliance. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65949; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/22";...