Exploit for CVE-2020-13933

CVE-2020-13933 靶场 shiro 权限配置， 当请求 /res/ 资源时， 302 跳转到登陆页面进行身份认证 - NameController.java： · /res/name： 请求名为 name 的的资源（触发身份认证） · /res/： 不请求任何资源（不触发身份认证） 靶场验证 不在请求路由中指定资源名称时，不触发身份验证，也无资源返回： http://127.0.0.1:8080/res/ 在请求路由中指定资源名称时，302 跳转到身份验证页面： http://127.0.0.1:8080/res/poc 构造特定 PoC...

SUSE CVE-2021-29492

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. a block on /admin. A...

IBM Cloud Pak for Multicloud Management Monitoring has an unspecified vulnerability (CNVD-2023-08052)

IBM Cloud Pak for Multicloud Management is an application from International Business Machines IBM, Inc. used to manage the default functionality of multi-cloud environments. a security vulnerability exists in IBM Cloud Pak for Multicloud Management Monitoring version 2.0, version 2.3. An attacke...

CVE-2022-42438

CVE-2022-42438 affects IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3. A root cause of the issue is an insufficient restriction of a directory path, allowing users without admin roles to access admin functions by specifying direct URL paths. Supported details from connected source...

U.S. Dept Of Defense: XSS on ( █████████.gov ) Via URL path

An XSS vulnerability was discovered on a government website, allowing an attacker to execute malicious code on the victim's browser and steal their cookies, potentially leading to account takeover. The vulnerability was exploited by injecting a script into the URL path. The suggested mitigation i...

CVE-2022-23554 Authentication bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

Authentication Bypass

Alpine is vulnerable to authentication bypass.The vulnerability exists in filter function of AuthenticationFilter.java because of by accessing a URL with a path without aborting the request which allows an attacker to bypass administrative restrictions via swagger endpoint...

Security Bulletin: A vulnerability in Python affects IBM Elastic Storage System (CVE-2022-0391)

Summary Security vulnerability has been discovered in Python used by Elastic Storage System. Vulnerability Details CVEID:CVE-2022-0391 DESCRIPTION: Python could provide weaker than expected security, cause by a improper input validation by the urllib.parse module. By sending a specially-crafted...

Information Disclosure

concrete5/concrete5 is vulnerable to information disclosure. The vulnerability allows an attacker to inject a crafted payload into the URL path folder and and access sensitive XML data...

Withdrawn: ConcreteCMS vulnerable to Xpath injection attacks

Withdrawn This advisory has been withdrawn because it has been found not to be a security issue and withdrawn by its CNA. Please see the message from NVD here for more information. This link is maintained to preserve external references. Original Description ConcreteCMS v9.1.3 was discovered to b...

GHSA-7VX2-5349-QJ99 Withdrawn: ConcreteCMS vulnerable to Xpath injection attacks

Withdrawn This advisory has been withdrawn because it has been found not to be a security issue and withdrawn by its CNA. Please see the message from NVD here for more information. This link is maintained to preserve external references. Original Description ConcreteCMS v9.1.3 was discovered to b...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2586)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-26121

An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...

CVE-2022-26121

An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...

CVE-2022-26121

An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...

PT-2022-5022 · Fortinet · Fortimanager +1

Name of the Vulnerable Software and Affected Versions: FortiAnalyzer and FortiManager GUI versions 5.6.0 through 5.6.11 FortiAnalyzer and FortiManager GUI versions 6.0.0 through 6.0.11 FortiAnalyzer and FortiManager GUI versions 6.2.0 through 6.2.9 FortiAnalyzer and FortiManager GUI versions 6.4....

FortiAnalyzer & FortiManager - improper authorization to template image

An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI may allow an unauthenticated and remote attacker to access report template images via referencing the name in the URL path...

Amazon Linux 2022 : golang, golang-bin, golang-misc (ALAS2022-2022-144)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-144 advisory. In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal erro...

SUSE-SU-2022:3326-1 Security update for go1.19

This update for go1.19 fixes the following issues: Update to go version 1.19.1 bsc1200441: - CVE-2022-27664: Fixed DoS in net/http caused by mishandled server errors after sending GOAWAY bsc1203185. - CVE-2022-32190: Fixed missing stripping of relative path components in net/url JoinPath bsc12031...

Information Disclosure

mangadex-downloader is vulnerable to information disclosure. The vulnerability exists due to the improper url path validation in the validateurl function of validator.py, allowing an attacker to open and read files from the local disk through the commands such as file: and...