4929 matches found

Friends Of PHP
added 2018/10/19 2:12 p.m. | 7 views

EZSA-2018-008 REST API returns list of all SiteAccesses

More info at http://share.ez.no/community-project/security-advisories/ezsa-2018-008-rest-api-returns-list-of-all-siteaccesses...

7.2 AI score
Exploits: 0 | Affected Software: 1

Github Security Blog
added 2018/10/17 12:4 a.m. | 36 views

Restlet Framework Jax-rs extension is vulnerable to XXE when using SimpleXMLProvider

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension...

7.5 CVSS | 7.3 AI score | 0.0038 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

Github Security Blog
added 2018/10/17 12:4 a.m. | 24 views

Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request

Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...

7.5 CVSS | 6.3 AI score | 0.0032 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2018/10/17 12:4 a.m. | 25 views

GHSA-CVJ4-G3GX-8VQQ Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request

Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...

7.5 CVSS | 7.4 AI score | 0.0032 EPSS
Exploits: 1 | References: 6

Exploit DB
added 2018/10/15 12:0 a.m. | 552 views

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure

Exploit Title: FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842, Api: 1.0.0, Node: 0.10.33, Onvif: 0.1.1.47 Tested on: Tita...

7.4 AI score
Exploits: 0

0day.today
added 2018/10/15 12:0 a.m. | 88 views

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842,...

7.1 AI score
Exploits: 0

exploitpack
added 2018/10/15 12:0 a.m. | 45 views

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Exploit Title: FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842,...

0.1 AI score
Exploits: 0

Packet Storm
added 2018/10/15 12:0 a.m. | 50 views

FLIR Systems FLIR Brickstream 3D+ Unauthenticated Config Download File Disclosure

FLIR Systems FLIR Brickstream 3D+ Unauthenticated Config Download File Disclosure Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842 Api: 1.0.0 Node: 0.10.33 Onvif: 0.1.1.47 Summary: The Brickstream line of sensors provides highly...

0.2 AI score
Exploits: 0

Prion
added 2018/10/05 2:29 p.m. | 9 views

Authorization

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. The vulnerability is due to insufficient authorization and parameter validation checks. An attacker could exploit this...

6.8 CVSS | 6.5 AI score | 0.01048 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2018/10/05 2:0 p.m. | 6 views

CVE-2018-0460 Cisco Enterprise NFV Infrastructure Software Information Disclosure Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. The vulnerability is due to insufficient authorization and parameter validation checks. An attacker could exploit this...

7 AI score | 0.01048 EPSS
Exploits: 0 | References: 2

CVE
added 2018/10/05 2:0 p.m. | 42 views

CVE-2018-0460

CVE-2018-0460 affects Cisco Enterprise NFV Infrastructure Software (NFVIS) REST API. The vulnerability arises from insufficient authorization and parameter validation, enabling an authenticated, remote attacker to read arbitrary files on an affected system. Exploitation requires the attacker to u...

6.8 CVSS | 6.5 AI score | 0.01048 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2018/10/05 2:0 p.m. | 15 views

CVE-2018-0460 Cisco Enterprise NFV Infrastructure Software Information Disclosure Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. The vulnerability is due to insufficient authorization and parameter validation checks. An attacker could exploit this...

6.5 AI score | 0.01048 EPSS
Exploits: 0 | References: 2

Patchstack
added 2018/10/03 12:0 a.m. | 13 views

WordPress Breadcrumb NavXT plugin <= 6.1.0 - Username Disclosure via REST API

Username Disclosure via REST API issue found by Janek Vind in WordPress Breadcrumb NavXT plugin versions <= 6.1.0. Solution: Update the WordPress Breadcrumb NavXT plugin to the latest available version, at least 6.2.0...

3.2 AI score
Exploits: 0 | References: 1 | Affected Software: 1

Kitploit
added 2018/10/02 12:23 p.m. | 353 views

Gurp - Golang command-line interface to Burp Suite's REST API

Requirements BurpSuite Professional v2.0.0beta or greater from PortSwigger Dependencies go get -u -v github.com/fatih/color go get -u -v github.com/integrii/flaggy go get -u -v github.com/tidwall/gjson go get -u -v github.com/grokify/html-strip-tags-go Binaries Latest version available here...

8.1 AI score
Exploits: 0 | References: 2

WPVulnDB
added 2018/09/28 12:0 a.m. | 16 views

Breadcrumb NavXT <= 6.1.0 - Username Disclosure via REST API

The Breadcrumb NavXT WordPress plugin was affected by a Username Disclosure via REST API security vulnerability. PoC: http://www.example.com/wp-json/bcn/v1/author/1...

0.3 AI score
Exploits: 0 | References: 2 | Affected Software: 1

wpexploit
added 2018/09/28 12:0 a.m. | 8 views

Breadcrumb NavXT <= 6.1.0 - Username Disclosure via REST API

The Breadcrumb NavXT WordPress plugin was affected by a Username Disclosure via REST API security vulnerability. http://www.example.com/wp-json/bcn/v1/author/1...

1.7 AI score
Exploits: 0 | References: 2

0day.today
added 2018/09/27 12:0 a.m. | 28 views

WordPress Breadcrumb NavXT 6.1.0 Username Disclosure

Exploit for php platform in category web applications. Username Disclosure in Breadcrumb NavXT Wordpress plugin. Author: Janek Vind "waraxe" Date: 26. September 2018 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-108.html...

7.4 AI score
Exploits: 0

Packet Storm
added 2018/09/27 12:0 a.m. | 44 views

WordPress Breadcrumb NavXT 6.1.0 Username Disclosure

waraxe-2018-SA108 - Username Disclosure in Breadcrumb NavXT Wordpress plugin. Author: Janek Vind "waraxe" Date: 26. September 2018 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-108.html Target descriptio...

7 AI score
Exploits: 0

Kitploit
added 2018/09/21 9:16 p.m. | 84 views

Burpcommander - Ruby Command-Line Interface To Burp Suite's REST API

Ruby command-line interface to Burp Suite's REST API Usage burpcommander VERSION: 1.0.1 - UPDATED: 08/29/2018 -t, --target IP Address Defaults to 127.0.0.1 -p, --port Port Number Defaults to 1337 -k, --key API Key If you require an API key specify it here -i, --issue-type-id String String to sear...

8.1 AI score
Exploits: 0 | References: 1

Metasploit
added 2018/09/19 1:11 p.m. | 29 views

Pimcore Gather Credentials via SQL Injection

This module extracts the usernames and hashed passwords of all users of the Pimcore web service by exploiting a SQL injection vulnerability in Pimcore's REST API. Pimcore begins to create password hashes by concatenating a user's username, the name of the application, and the user's password in t...

6.5 CVSS | 0.1 AI score | 0.01507 EPSS
Exploits: 7