
837 matches found

Packet Storm
added 2020/01/02 12:0 a.m. · 254 views

CTFd 2.1.5 Administrator Account Takeover

Exploit Title: CTFd Administrator Account Takeover Date: 2/1/20 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://ctfd.io Software Link: https://github.com/CTFd/CTFd/releases/tag/2.1.5 Version: CTFd Local/Remote Hosting 2.1.5 and below Tested on: CTFd 2.1.5 CTFd...

0.5 AI score
Exploits 0

Github Security Blog
added 2019/12/17 10:53 p.m. · 56 views

Unrestricted file uploads in Contao

Impact A back end user with access to the form generator can upload arbitrary files and execute them on the server. Patches Update to Contao 4.4.46 or 4.8.6. Workarounds Configure your web server so it does not execute PHP files and other scripts in the Contao file upload directory. References...

8.8 CVSS · 8.9 AI score · 0.01108 EPSS
Exploits 0 · References 7 · Affected Software 2

CVE
added 2019/12/17 9:55 p.m. · 78 views

CVE-2019-3992

CVE-2019-3992 affects ELOG 3.1.4-57bea22 and earlier; an unauthenticated remote attacker can access the server’s configuration file via an HTTP GET, potentially exposing valid admin usernames and, in older versions, passwords. Connected sources confirm the vulnerability and that Fedora advisories...

7.5 CVSS · 7.3 AI score · 0.01301 EPSS
Exploits 1 · References 3 · Affected Software 1

Contao
added 2019/12/17 12:0 a.m. · 36 views

Unrestricted file uploads

Date : 2019-12-17 CVE ID : CVE-2019-19745 Description A back end user with access to the form generator can upload arbitrary files and execute them on the server. Affected versions Contao 4.0 Contao 4.1 Contao 4.2 Contao 4.3 Contao 4.4 up to 4.4.45 Contao 4.5 Contao 4.6 Contao 4.7 Contao 4.8 up t...

8.8 CVSS · 8.8 AI score · 0.01108 EPSS
Exploits 0 · Affected Software 1

Symantec
added 2019/11/20 12:0 a.m. · 29 views

Cisco Unity Express CVE-2019-15986 Local Command Injection Vulnerability

Description Cisco Unity Express is prone to a local command-injection vulnerability. A local attacker can exploit this issue to execute arbitrary commands on the underlying OS with root privileges. This issue is being tracked by Cisco Bug ID CSCvq54120. Versions prior to Cisco Unity Express 10.1...

1.5 AI score · 0.00404 EPSS
Exploits 0 · References 1 · Affected Software 1

Debian
added 2019/10/26 3:16 p.m. · 207 views

[SECURITY] [DLA 1970-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u7 CVE ID : CVE-2019-11043 Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a Fast Process Manager for the PHP language, which can lead to remote code execution. Instances are vulnerable depending on the web server configuration, in...

9.8 CVSS · 9.8 AI score · 0.9947 EPSS
Exploits 54

CNVD
added 2019/10/16 12:0 a.m. · 2 views

WordPress Popup Maker Plugin Has Unspecified Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. Popup Maker is a popup window plugin used in it. A security vulnerability exists in WordPress Popup Maker plugin versions...

9.1 CVSS · 6.4 AI score · 0.09232 EPSS
Exploits 2 · References 1

OSV
added 2019/10/09 8:15 p.m. · 2 views

CVE-2019-17112

An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user "Operator" access level to access the configuration file of the mail server except for the password...

4.3 CVSS · 5.8 AI score · 0.02122 EPSS
Exploits 0 · References 2

NVD
added 2019/10/09 8:15 p.m. · 35 views

CVE-2019-17112

An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user "Operator" access level to access the configuration file of the mail server except for the password...

4.3 CVSS · 4.6 AI score · 0.02122 EPSS
Exploits 0 · References 2

Drupal
added 2019/10/02 12:0 a.m. · 13 views

Localization update - Moderately critical - Insecure server configuration - SA-CONTRIB-2019-072

This module enables you to automatically download and update the site's interface translation by fetching them from localize.drupal.org or any other Localization server. The module doesn't sufficiently protect the directory it stores translation files in. It's conventional for directories which m...

6.6 AI score
Exploits 0 · References 8

CNVD
added 2019/09/23 12:0 a.m. · 2 views

Multiple Schneider Electric Products Server-Side Request Forgery Vulnerabilities

Schneider Electric MEG6501-0001-U.motion KNX server and others are a web-based visualization system from Schneider Electric France. The system is mainly used for KNX-based home and building automation. A server-side request forgery vulnerability exists in several Schneider Electric products. An...

9.1 CVSS · 6.8 AI score · 0.00988 EPSS
Exploits 0 · References 1

Kitploit
added 2019/09/18 11:57 a.m. · 77 views

FudgeC2 - A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell And .NET

FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask - Designed for team collaboration, client interaction, campaign timelining, and usage visibility. Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Setup Installation...

7.6 AI score
Exploits 0 · References 2

Prion
added 2019/09/17 8:15 p.m. · 18 views

Server side request forgery (ssrf)

A Server-Side Request Forgery SSRF: CWE-918 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could cause server...

6.4 CVSS · 9 AI score · 0.00988 EPSS
Exploits 0 · References 1 · Affected Software 4

Positive Technologies
added 2019/09/17 12:0 a.m. · 2 views

PT-2019-18372 · Unknown · U.Motion Server

Name of the Vulnerable Software and Affected Versions: U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15 Description: A Server-Side Request Forgery SSRF...

9.1 CVSS · 9 AI score · 0.00988 EPSS
Exploits 0 · References 3

CNVD
added 2019/09/10 12:0 a.m. · 2 views

Multiple TIBCO Software Products Path Traversal Vulnerabilities

TIBCO Software Jaspersoft JasperReports Server is a report generation tool from TIBCO Software, USA. The product supports PDF, HTML, XLS, CSV and XML file output formats. A path traversal vulnerability exists in the default server configuration component of several TIBCO Software products, which...

9.9 CVSS · 7 AI score · 0.79836 EPSS
Exploits 4 · References 1

Prion
added 2019/08/29 3:15 p.m. · 22 views

Arbitrary file deletion

There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to edit a page is able to exploit this issue to read arbitrary files on the server under the /confluence/WEB-INF directory, which may contain configuration...

4 CVSS · 8.1 AI score · 0.11406 EPSS
Exploits 1 · References 2 · Affected Software 2

OSV
added 2019/08/05 12:15 p.m. · 2 views

CVE-2019-14525

In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call...

4.9 CVSS · 5.8 AI score · 0.01528 EPSS
Exploits 0 · References 3

Prion
added 2019/08/05 12:15 p.m. · 14 views

Design/Logic Flaw

In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call...

4 CVSS · 5 AI score · 0.01528 EPSS
Exploits 0 · References 3 · Affected Software 2

myhack58
added 2019/07/23 12:0 a.m. · 98 views

See how I found an XXE vulnerability on the Bol.com website and successfully exploited it - vulnerability warning - the black bar safety net

In a previous report, we learned a lot about executing code in the visitor's browser: reflected XSS and stored XSS. In addition, we also took a quick look at misconfigured server settings and open redirects. Today, we will explore how from the...

7.3 AI score
Exploits 0

OSV
added 2019/07/11 8:15 p.m. · 2 views

CVE-2019-4263

IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. IBM X-Force ID: 160015...

4.3 CVSS · 5.8 AI score · 0.00916 EPSS
Exploits 0 · References 2