Lucene search

890 matches found

Hacker One
added 2014/05/20 1:13 a.m. | 72 views

Mail.ru: XXE and SSRF on webmaster.mail.ru

SSRF request: POST /domain/metadata HTTP/1.1 Host: webmaster.mail.ru User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.9; rv:29.0 Gecko/20100101 Firefox/29.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate...

AI score 0.1
Exploits: 0

seebug.org
added 2014/03/05 12:0 a.m. | 59 views

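Apache Camel XSLT XML External Entity Vulnerability (CVE-2014-0002)

CVE (CAN) ID: CVE-2014-0002 Apache Camel is an open-source integration framework based on known enterprise integration patterns. When the XSLT component in Apache Camel 2.11.0-2.11.3 and Apache Camel 2.12.0-2.12.2 transforms XML messages with an xslt routine, it resolves entities inside the message. A remote attacker who can submit messages to an xslt routine can exploit this vulnerability to read files accessible on the running application server, and may also carry out other, more advanced XXE attacks. 0 Apache Group Camel 2.12.3 Apache Group Camel 2.11.4 Vendor patch: Apache Group ------------...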

CVSS 7.5 | AI score 1.3 | EPSS 0.32541
Exploits: 2

Japan Vulnerability Notes
added 2014/02/26 6:22 a.m. | 2 views

Cybozu Garoon vulnerable to directory traversal

Overview Cybozu Garoon contains a directory traversal vulnerability. Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a directory traversal vulnerability in the process of downloading files. Impact A user who can log in to the product may obtain files on the server...

CVSS 4 | AI score 6.5 | EPSS 0.01488
Exploits: 0 | References: 5

RedHat Linux
added 2014/02/13 6:33 p.m. | 3 views

Java: XML eXternal Entity (XXE) flaw in ParserPool and Decrypter

It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform oth...

CVSS 5 | AI score 6.7 | EPSS 0.02752
Exploits: 0 | References: 5

RedHat Linux
added 2013/04/24 5:35 p.m. | 32 views

Moderate: Red Hat Security Advisory: curl security update

Updated curl packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 5 | AI score 7 | EPSS 0.04986
Exploits: 1 | References: 3

FreeBSD
added 2013/03/27 12:0 a.m. | 33 views

roundcube -- arbitrary file disclosure vulnerability

RoundCube development team reports: After getting reports about a possible vulnerability of Roundcube which allows an attacker to modify its users preferences in a way that he/she can then read files from the server, we now published updated packages as well as patches that fix this security issu...

CVSS 5 | AI score 6.2 | EPSS 0.02287
Exploits: 0 | References: 1

0day.today
added 2012/12/15 12:0 a.m. | 24 views

Wordpress Plugins - wp superb Slideshow Full Path Disclosure

The attacker can use this bug to get important information...

AI score 6.9
Exploits: 0

Packet Storm
added 2012/08/31 12:0 a.m. | 19 views

Innovarweb CMS Local File Inclusion

Exploit Title: Innovarweb CMS / Local File Inclusion Date: 31/08/2012 Author: Daniel Godoy Author Mail:DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software web: http://www.innovarweb.com.ar/interior/index.php?cdo=servicios/gestorcontenidos.php Tested on: Linux Dor...

AI score 7.4
Exploits: 0

The Hacker News
added 2011/09/04 7:53 p.m. | 5 views

European Union hacked by Inj3ct0r Team

One of the subdomains of the European Union was hacked and defaced by exploit writers at Inj3ct0r Team. The hacker defaced the web page and wrote: We are against nuclear weapons. We are against violence in Libya. We are against the arrest of policy Tymoshenko's in...

AI score 6.7
Exploits: 0

0day.today
added 2011/06/23 12:0 a.m. | 17 views

ManageEngine Support Center Plus 7.8 build <= 7801 Directory Traversal

Exploit for jsp platform in category web applications Advisory: ManageEngine Support Center Plus 7.8 build 0x90.nl Software link: http://www.manageengine.com/products/support-center/download.html Tested on: Linux & Windows Category: Directory Traversal Severity: High Google Dork:...

AI score 7.1
Exploits: 0

myhack58
added 2011/05/10 12:0 a.m. | 21 views

Wind noise: directory browsing and file creation vulnerability

Brief description: Testing found that several of the program's scripts, including FolderImageList.asp and FileManage.asp, do not filter a malicious path parameter submitted by the user, so the attacker can make the server perform view, create and other operations, a...

AI score 0.3
Exploits: 0

myhack58
added 2010/04/19 12:0 a.m. | 11 views

H_conly webmaster management assistant v1.2 access vulnerability

A webmaster management assistant written in ASP. Its main function is online editing of ASP files, allowing you to manage files on the server online: edit, save, delete, more life, etc. In addition, its interface is nicely designed in imitation of the 360 style. It also comes with quite a...

AI score 7
Exploits: 0

Japan Vulnerability Notes
added 2009/09/18 9:11 a.m. | 2 views

Directory traversal vulnerability in multiple phpspot products

Overview Multiple products provided by phpspot contain a directory traversal vulnerability. Multiple products (BBS Software etc.) provided by phpspot contain a directory traversal vulnerability. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/...

CVSS 5 | AI score 6.5 | EPSS 0.01505
Exploits: 0 | References: 6

Check Point Advisories
added 2009/09/14 12:0 a.m. | 3 views

Adobe ColdFusion Server Null Character Information Disclosure (APSB09-12; CVE-2009-1876)

An information disclosure vulnerability has been discovered in Adobe ColdFusion server. Adobe ColdFusion is an application server for developing dynamically generated Web sites. A remote attacker could exploit this issue to obtain sensitive information. The vulnerability is due to a double-encode...

CVSS 5 | AI score 6.1 | EPSS 0.02805
Exploits: 0

FreeBSD
added 2009/04/14 12:0 a.m. | 27 views

phpmyadmin -- insufficient output sanitizing when generating configuration file

phpMyAdmin Team reports: Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code. This...

CVSS 7.5 | AI score 7.2 | EPSS 0.10914
Exploits: 3 | References: 1

Check Point Advisories
added 2009/01/15 12:0 a.m. | 5 views

Update Protection against Joomla! "X_CMS_LIBRARY_PATH" Directory Traversal Vulnerability

A directory traversal vulnerability was detected in Joomla!, an open-source content management system (CMS). The vulnerability can be exploited to disclose sensitive information by accessing normally-inaccessible files on the server via directory traversal attacks...

CVSS 5 | AI score 6.1 | EPSS 0.06577
Exploits: 1

Japan Vulnerability Notes
added 2008/07/24 5:22 a.m. | 2 views

Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins

Overview WebLogic Server and WebLogic Express are application servers provided by Oracle (formerly BEA Systems, Inc.). Plug-ins included in WebLogic Server and WebLogic Express contain a directory traversal vulnerability. WebLogic Server and WebLogic Express are application servers based on Java...

CVSS 7.5 | AI score 6.3 | EPSS 0.03093
Exploits: 0 | References: 11

Japan Vulnerability Notes
added 2008/05/20 3:0 p.m. | 1 views

ServerView directory traversal vulnerability

Overview ServerView, server monitoring software included in Fujitsu servers, contains a directory traversal vulnerability. Impact A remote attacker could view particular files on the server. Solution None...

CVSS 5 | AI score 6.9 | EPSS 0.01779
Exploits: 0 | References: 7

Japan Vulnerability Notes
added 2008/05/20 3:0 p.m. | 3 views

04WebServer directory traversal vulnerability

Overview 04WebServer, an open source web server, contains a vulnerability allowing directory traversal bypassing user authentication. Impact A remote attacker could bypass a user authentication and view server files. Solution None...

CVSS 7.5 | AI score 7.1 | EPSS 0.01567
Exploits: 0 | References: 7

Japan Vulnerability Notes
added 2008/05/20 3:0 p.m. | 3 views

KDDI sample CGI download program directory traversal vulnerability

Overview A directory traversal vulnerability exists in a sample CGI download program included with KDDI's EZFactory. A sample CGI download program is included with KDDI's EZFactory for downloading and saving data such as images and ringtones to EZweb compatible cellular phones. A directory...

CVSS 7.8 | AI score 6.6 | EPSS 0.01996
Exploits: 0 | References: 8