124 matches found
istio/istio: HTTP request with escaped slash characters can bypass authorization mechanisms
An authorization bypass flaw was found in Istio. This flaw allows an attacker to craft an HTTP request that defines a certain pattern of escaped characters in the URI path such as %2F, %2f, %5C, or %5c, allowing them to bypass the authorization service. The highest threat from this vulnerability ...
CVE-2021-31920
An authorization bypass flaw was found in Istio. This flaw allows an attacker to craft an HTTP request that defines a certain pattern of escaped characters in the URI path such as %2F, %2f, %5C, or %5c, allowing them to bypass the authorization service. The highest threat from this vulnerability ...
CS Money: Blind Based SQL Injection in 3d.sc.money
Greetings, Hope Y'all good and fine! Summary: I found a Boolean Blind based SQL Injection in your website = 3d.cs.money It's a URI path injection. The vulnerability tested on the Original IP behind the CloudflareWAF and I've already reported this in my other report 1105673 The Affected URI :...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
CVE-2020-28971
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie, because of insufficient validation of URI paths...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Observium cross-site scripting vulnerability (CNVD-2020-62448)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to inject and store malicious JavaScript code via...
U.S. Dept Of Defense: RXSS Via URI Path - https://██████████/
Hello All I Found RXSS in your OWN Website Steps To Reproduce Go to This Link https://██████/Orders/A%22onerror='alert%60xElkomy%60'testabcd/Login.aspx?ReturnUrl=/Orders Browsers I test them on Firefox and Google Chrome. Fix:- Filter input on arrival Encode data on output Use appropriate response...
Mail.ru: Open Redirect at "city-mobil.ru"
Open redirection in city-mobil.ru via URI path with '@'...
Unspecified Vulnerability in ASUSWRT
ASUSWRT is a firmware from Asus Taiwan, China that runs in its routers. A security vulnerability exists in ASUSWRT version 3.0.0.4.384.20308. An attacker can exploit this vulnerability to cause a denial of service with the help of /APPInstallation.asp?= URI...
Python -- multiple vulnerabilities
Python reports: gh-95778: Converting between int and str in bases other than 2 binary, 4, 8 octal, 16 hexadecimal, or 32 such as base 10 decimal now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic...
Kyocera ECOSYS M5526CDW Buffer Overflow Vulnerability (CNVD-2020-20975)
The Kyocera ECOSYS M5526CDW is a multifunction printer from Kyocera Japan. A buffer overflow vulnerability exists in the URI path of the Web application in the Kyocera ECOSYS M5526CDW version 2R72000.001.701, which can be exploited by an attacker to cause a denial of service and execute arbitrary...
Mail.ru: XSS
Reflected XSS in vseapteki.ru via URI path...
Directory traversal
Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and ...
WordPress User Role Editor Plugin < 4.25 - Privilege Escalation Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress User Role Editor Plugin Privilege Escalation', 'Description' = %q The WordPress...
Directory traversal
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path...
Apache Jetspeed Portal URI Path Cross-Site Scripting (CVE-2016-0712)
A cross-site scripting vulnerability exists in Apache Jetspeed 2. The vulnerability is due to insufficient validation of the URI path. A remote, unauthenticated attacker could exploit this vulnerability by enticing a victim user to visit a crafted web site. Successful exploitation allows the...