837 matches found

OSV
added 2018/08/13 4:29 p.m., 3 views

CVE-2017-1286

Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147...

CVSS 6.5, AI score 5.7
Exploits 0, References 2
Hacker One
added 2018/07/31 10:00 p.m., 13 views

Uber: [experience.uber.com] Node.js source code disclosure & anonymous access to internal Uber documents, templates and tools

A configuration file on experience.uber.com exposed details for the server configuration as well as information about the content hosted on the site. The site itself did require authentication to log in, but this config file was publicly accessible. Other accessible URLs included slide deck...

AI score 1.3
Exploits 0
Hacker One
added 2018/07/23 3:39 p.m., 41 views

New Relic: Missing security best practices (leads to further impact)

Vulnerabilities: 1. Use of old passwords is possible: the current password can be used as the new password. 2. Email notification is not being sent to the linked mail account while changing passwords. Steps to reproduce the two issues: create an account with password example badcracker@123, change password to...

AI score 0.6
Exploits 0
NVD
added 2018/07/13 8:29 p.m., 12 views

CVE-2016-6565

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of an HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...

CVSS 7.5, AI score 7.7, EPSS 0.02538
Exploits 0, References 2
Prion
added 2018/07/13 8:29 p.m., 9 views

Code injection

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of an HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...

CVSS 6, AI score 7.7, EPSS 0.02538
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2018/06/27 12:00 a.m., 21 views

PHPinfo Information Disclosure

Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo' for debugging purposes, and various PHP applications may also include such a file by default. By accessing it, a remote attacker can discover a large amount of information about the remote...

AI score 7.2
Exploits 0, References 1
seebug.org
added 2018/06/19 12:00 a.m., 84 views

Reliable Controls® MACH-ProWebCom™ unauthorized access information disclosure

MACH-ProWebCom™ is a powerful, fully freely programmable BACnet® building controller with a built-in web server. With Reliable Controls® MACH-ProWebCom™, a building automation system can be published to the network quickly and easily. The MACH-ProWebCom™ web service has an unauthorized access issue that allows sensitive information such as the service configuration to be downloaded. MACH-ProWebCom™, a fully programmable BACnet® Building Controller with a powerful, built-in Web server. It can post your building graphics to t...

AI score 0.1
Exploits 0
IBM Security Bulletins
added 2018/06/17 10:28 p.m., 40 views

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Intelligent Operations Center (CVE-2015-2808)

Summary: The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Intelligent Operations Center. Vulnerability Details: CVE ID: CVE-2015-2808. DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could...

CVSS 5, AI score 1.2, EPSS 0.74006
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2018/06/17 2:54 p.m., 18 views

Security Bulletin: Vulnerability in SSLv3 affects Tivoli Storage Manager Operations Center (CVE-2014-3566)

Summary: SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in Tivoli Storage Manager Operations Center. Vulnerability Details: CVE-ID: CVE-2014-3566. DESCRIPTION: Product could allow a remote attacker to...

CVSS 4.3, AI score 0.2, EPSS 0.99999
Exploits 5, Affected Software 1
Fedora
added 2018/06/09 7:47 p.m., 33 views

[SECURITY] Fedora 27 Update: remctl-3.14-1.fc27

remctl (the client) and remctld (the server) implement a client/server protocol for running single commands on a remote host using Kerberos v5 authentication and returning the output. They use a very simple GSS-API-authenticated network protocol, combined with server-side ACL support and a server...

CVSS 7.2, AI score 1.7, EPSS 0.0255
Exploits 0
Prion
added 2018/05/22 3:29 p.m., 12 views

Code injection

An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver...

CVSS 6, AI score 7.5, EPSS 0.0213
Exploits 0, References 3, Affected Software 1
Prion
added 2018/05/17 7:29 p.m., 15 views

Cross site scripting

PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via (1) the department field in the printer configuration, (2) the description field in the print server configuration, and (3) the username field for authentication to print as guest...

CVSS 3.5, AI score 5.5, EPSS 0.00561
Exploits 1, References 1, Affected Software 1
Citrix
added 2018/05/17 12:00 a.m., 6 views

How to Troubleshoot Citrix License Server

Every Citrix product environment must have at least one shared or dedicated License Server. Servers running Citrix products contact the License Server to obtain licenses when users connect. License files must be on the License Server that is associated with the product you are licensing. The...

AI score 6.9
Exploits 0
Citrix
added 2018/05/17 12:00 a.m., 6 views

Delivery Controller cannot get License Server site information

The Delivery Controller cannot obtain the License Server site configuration. No License Server is registered...

AI score 7
Exploits 0
Prion
added 2018/05/15 1:29 p.m., 20 views

Deserialization of untrusted data

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possibl...

CVSS 6.5, AI score 8.7, EPSS 0.0127
Exploits 0, References 4, Affected Software 2
OSV
added 2018/04/26 5:29 p.m., 0 views

UBUNTU-CVE-2016-9590

puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage swift. During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf...

CVSS 6.5, AI score 6.6, EPSS 0.01167
Exploits 0, References 3
Japan Vulnerability Notes
added 2018/04/26 6:19 a.m., 2 views

Joruri Gw vulnerable to arbitrary file upload

Overview: Joruri Gw provided by SiteBridge Inc. is groupware which runs on Ruby on Rails. Joruri Gw contains a vulnerability that may allow an attacker to upload arbitrary files (CWE-434). Shoji Baba of Kobe Digital Labo, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

CVSS 8.8, AI score 7.9, EPSS 0.01721
Exploits 0, References 5
OpenVAS
added 2018/04/20 12:00 a.m., 904 views

Sensitive File Disclosure (HTTP)

The script attempts to identify files containing sensitive data at the remote web server. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.5, AI score 7.7, EPSS 0.8703
Exploits 4
Joomla! Vulnerable Extensions List
added 2018/03/14 12:00 a.m., 33 views

[20180502] - Core - Add PHAR files to the upload blacklist

Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver...

CVSS 7.5, AI score 0.5, EPSS 0.0213
Exploits 0, Affected Software 1
Hacker One
added 2018/03/08 7:38 p.m., 441 views

JamieWeb: Insecure Transportation Security Protocol Supported (TLS 1.0) on https://www.jamieweb.net

Summary: https://www.jamieweb.net still supports the TLS 1.0 protocol, which has several flaws. Vulnerability: With an SSL security scanner I was able to identify that an insecure transportation security protocol (TLS 1.0) is still supported by your web server. TLS 1.0 has several flaws. An attacker can...

AI score 0.5
Exploits 0