575 matches found
Splunk Enterprise 7.2.3 Command Execution
!/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Date: January 23, 2019 Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link: https://www.splunk.com/enus/download/splunk-enterprise.html Version: 7.2.3 Tested on: kali...
Splunk Enterprise 7.2.3 - (Authenticated) Custom App Remote Code Execution
!/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Date: January 23, 2019 Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link: https://www.splunk.com/enus/download/splunk-enterprise.html Version: 7.2.3 Tested on: kali...
Fedora 29 : mediawiki (2018-f4b65fc7cd)
https://www.mediawiki.org/wiki/Releasenotes/1.29MediaWiki1.29.3 - T169545, CVE-2018-0503 SECURITY: $wgRateLimits entry for 'user' overrides 'newbie'. - T194605, CVE-2018-0505 SECURITY: BotPasswords can bypass CentralAuth's account lock. - T180551 Fix LanguageSrTest for language converter - T18055...
Qualys Cloud Platform 2.35 New Features
This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. Note: this post has been edited after publishing to remove the Rule-Based Method to...
XML External Entity (XXE)
selenium-firefox-driver is vulnerable to XML external entity XXE attacks. The vulnerability exists due to the lack of disabling the default expanding entity reference option, allowing XXE attacks...
Social Media Enumeration & Correlation Tool: Social Mapper
Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets names and pictures to accurately detect and group a person’s...
browsertime (>=0.8.1 <=0.8.6), cssnow (=2.0.0) +4 more potentially affected by CVE-2018-3772 via whereis (>=0.2.1 <=0.4.0)
whereis NPM version =0.2.1, =0.8.1, =2.1.2, =0.0.1, =2.42.0-2.9.0, =3.0.0-alpha, =3.0.0-alpha-8 Source cves: CVE-2018-3772 Source advisory: OSV:GHSA-WJR4-2JGW-HMV8...
selenium-portal remote code execution vulnerability
selenium-portal is a Node.js based on the use of JavaScript to write Selenium test program tools . A security vulnerability exists in selenium-portal, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerabilit...
windows-seleniumjar-mirror remote code execution vulnerability
windows-seleniumjar-mirror is a package for downloading selenium jar files. A security vulnerability exists in windows-seleniumjar-mirror, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...
windows-selenium-chromedriver remote code execution vulnerability
windows-selenium-chromedriver is a package for downloading and installing the chromedriver server. A security vulnerability exists in windows-selenium-chromedriver, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit...
CVE-2016-10624
selenium-chromedriver is a simple utility for downloading the Selenium Webdriver for Google Chrome selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary wit...
Man-in-the-Middle (MitM)
windows-selenium-chromedriver is susceptible to man-in-the-middle MitM attacks. The attacker can download binary resources via HTTP, allowing MitM attacks. Since the attacker can replace the requested binary with its controlled binary if the attacker is on the network or positioned in between the...
Man-in-the-Middle (MitM)
selenium-portal is susceptible to man-in-the-middle MitM attacks. The attacker can download binary resources via HTTP, allowing MitM attacks. Since the attacker can replace the requested binary with its controlled binary if the attacker is on the network or positioned in between the user and the...
CVE-2016-10678
serc.js is a Selenium RC process wrapper serc.js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or...
CVE-2016-10687
windows-selenium-chromedriver is a module that downloads the Selenium Jar file. windows-selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...
CVE-2016-10678
serc.js is a Selenium RC process wrapper serc.js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or...
CVE-2016-10687
windows-selenium-chromedriver is a module that downloads the Selenium Jar file. windows-selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...
CVE-2016-10691
windows-seleniumjar is a module that downloads the Selenium Jar file windows-seleniumjar downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy...
CVE-2016-10667
selenium-portal is a Selenium Testing Framework selenium-portal downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on th...
CVE-2016-10670
windows-seleniumjar-mirror downloads the Selenium Jar file windows-seleniumjar-mirror downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if...