4929 matches found

FreeBSD
added 2015/07/12 12:0 a.m. | 28 views

devel/ipython -- CSRF possible remote execution vulnerability

Kyle Kelley reports: Summary: POST requests exposed via the IPython REST API are vulnerable to cross-site request forgery (CSRF). Web pages on different domains can make non-AJAX POST requests to known IPython URLs, and IPython will honor them. The user's browser will automatically send IPython...

8.8 CVSS | 7.3 AI score | 0.00256 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2015/06/15 12:0 a.m. | 12 views

HP WebInspect REST API Unauthorized Access

Binary data hpwebinspectnoauthapi.nbin...

7.3 AI score
Exploits 0 | References 1

Atlassian
added 2015/06/01 6:42 p.m. | 21 views

Advanced JQL Search does not Respect User email visibility Hidden

h4. Problem The advanced JQL autocomplete functionality is still showing email addresses, ignoring the User email visibility option. Basic mode does not show emails See screenshots h4. Steps to Reproduce Set User email visibility to Hidden JIRA Administration System General Configuration Edit Use...

Exploits 0 | Affected Software 1

Atlassian
added 2015/06/01 6:42 p.m. | 20 views

Advanced JQL Search does not Respect User email visibility Hidden

h4. Problem The advanced JQL autocomplete functionality is still showing email addresses, ignoring the User email visibility option. Basic mode does not show emails See screenshots h4. Steps to Reproduce Set User email visibility to Hidden JIRA Administration System General Configuration Edit Use...

Exploits 0

Atlassian
added 2015/06/01 6:42 p.m. | 28 views

Advanced JQL Search does not Respect User email visibility Hidden

h4. Problem The advanced JQL autocomplete functionality is still showing email addresses, ignoring the User email visibility option. Basic mode does not show emails See screenshots h4. Steps to Reproduce Set User email visibility to Hidden JIRA Administration System General Configuration Edit Use...

Exploits 0 | Affected Software 1

NVD
added 2015/05/22 12:59 a.m. | 14 views

CVE-2015-0746

The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022...

5 CVSS | 6.6 AI score | 0.00474 EPSS
Exploits 0 | References 2

Cvelist
added 2015/05/22 12:0 a.m. | 19 views

CVE-2015-0746

The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022...

6.6 AI score | 0.00474 EPSS
Exploits 0 | References 2

CVE
added 2015/05/22 12:0 a.m. | 44 views

CVE-2015-0746

Cisco ACS REST API Denial of Service vulnerability (CVE-2015-0746) affects ACS 5.5(0.46.2). A remote attacker can cause API outages by sending large numbers of requests to the REST API (Bug CSCut62022). Affected component is the REST API; root cause described in Cisco advisory. Remediation status...

5 CVSS | 6.8 AI score | 0.00474 EPSS
Exploits 0 | References 2 | Affected Software 1

n0where
added 2015/05/04 12:2 p.m. | 28 views

Web Application Security Scanner Framework: Arachni

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications. It is free, with its source code public and available for review. It is multi-platform, supporting all major operating...

7.7 AI score
Exploits 0 | References 3

Metasploit
added 2015/04/25 7:41 a.m. | 23 views

InfluxDB Enum Utility

This module enumerates databases on InfluxDB using the REST API using the default authentication of root:root. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'InfluxDB Enum Utility',...

0.6 AI score
Exploits 0

Patchstack
added 2015/04/09 12:0 a.m. | 8 views

WordPress WP REST API Plugin <= 1.2 - Post Revision Disclosure

Because of this vulnerability, unpublished content and post revisions can be retrieved via the REST API. Solution Update the plugin...

2.5 AI score
Exploits 0 | References 1 | Affected Software 1

WPVulnDB
added 2015/04/09 12:0 a.m. | 8 views

WP REST API (WP API) <= 1.2 - Post Revision Disclosure

Unauthenticated users could access revisions of published and unpublished posts. Revisions are now only accessible to authenticated users with permission to edit the revision's post...

2.8 AI score
Exploits 0 | References 2 | Affected Software 1

Atlassian
added 2015/03/25 1:19 p.m. | 14 views

Sensitive information displayed in anonymous REST API calls

h4. Expected behavior Block sensitive information from being displayed on anonymous REST API calls in JIRA. h4. Actual behavior Users' full-name are displayed when running the calls below: noformat /user/picker?query= /groupuserpicker?query=ali&showAvatar noformat Default fields and custom fields...

0.6 AI score
Exploits 0 | Affected Software 1

Atlassian
added 2015/03/25 1:19 p.m. | 18 views

Sensitive information displayed in anonymous REST API calls

h4. Expected behavior Block sensitive information from being displayed on anonymous REST API calls in JIRA. h4. Actual behavior Users' full-name are displayed when running the calls below: noformat /user/picker?query= /groupuserpicker?query=ali&showAvatar noformat Default fields and custom fields...

0.6 AI score
Exploits 0

Atlassian
added 2015/03/25 1:19 p.m. | 15 views

Sensitive information displayed in anonymous REST API calls

h4. Expected behavior Block sensitive information from being displayed on anonymous REST API calls in JIRA. h4. Actual behavior Users' full-name are displayed when running the calls below: noformat /user/picker?query= /groupuserpicker?query=ali&showAvatar noformat Default fields and custom fields...

0.6 AI score
Exploits 0 | Affected Software 1

Exploit DB
added 2015/03/16 12:0 a.m. | 300 views

ElasticSearch - Search Groovy Sandbox Bypass (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ElasticSearch Search Groovy Sandbox Bypass', 'Description' = %q This module exploits a remote command execution RCE vulnerability in...

9.8 CVSS | 9.8 AI score | 0.92326 EPSS
Exploits 19

OpenVAS
added 2015/03/13 12:0 a.m. | 16 views

MongoDB Unauthenticated REST API (HTTP)

The remote MongoDB REST API is unprotected. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if description...

7 AI score
Exploits 0 | References 1

Tenable Nessus
added 2015/03/12 12:0 a.m. | 36 views

MongoDB Unauthenticated REST API Detection

The remote web server is running an unauthenticated REST API for MongoDB, a document-oriented database system. A remote attacker can exploit this API to read arbitrary collections from databases in the system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid81778;...

5.8 AI score
Exploits 0 | References 1

0day.today
added 2015/03/12 12:0 a.m. | 368 views

ElasticSearch Search Groovy Sandbox Bypass Exploit

This Metasploit module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.4.3. The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox ca...

7.5 CVSS | 0.5 AI score | 0.92326 EPSS
Exploits 19

Metasploit
added 2015/03/10 4:4 a.m. | 383 views

ElasticSearch Search Groovy Sandbox Bypass

This module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.4.3. The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox can be bypass...

9.8 CVSS | 10 AI score | 0.92326 EPSS
Exploits 19