65 matches found
GHSA-CHGM-7R52-WHJJ Hashicorp Consul Path Traversal vulnerability
A vulnerability was identified in Consul and Consul Enterprise "Consul" such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules...
CVE-2024-10005
A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules...
DEBIAN-CVE-2024-10005
A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules...
CVE-2024-10005 Consul L7 Intentions Vulnerable To URL Path Bypass
A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules...
CVE-2024-10005
CVE-2024-10005 affects Consul and Consul Enterprise. The issue arises from using URL paths in L7 traffic intentions, allowing bypass of HTTP request path-based access rules. Evidence from multiple sources (NVD entry and industry advisories) confirms the vulnerability in Consul’s URL path handling...
CVE-2024-10005
A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules...
PT-2024-8623 · Hashicorp +4 · Hashicorp Consul +4
Name of the Vulnerable Software and Affected Versions: Consul versions 1.9.0 through 1.20.1 Description: A vulnerability was identified in Consul such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules. This issue allows a remote attacker to bypass...
JBoss Status Servlet Information Gathering
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Status Servlet Information Gathering', 'Description' = %q This module queries the JBoss status servlet to collect sensitive information,...
CVE-2023-46321
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line...
SUSE CVE-2023-40274
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handlerequest function, used by the server to process HTTP requests, does not account for sequences of special path control...
CVE-2023-34409
In Percona Monitoring and Management PMM server 2.x before 2.37.1, the authenticate function in authserver.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticat...
Code injection
IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210...
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for user privilege escalation
Summary IBM Cloud Pak for Multicloud Management Monitoring has patched for users without admin roles. Non-admin user should not access to admin functions by specifying direct URL paths. Vulnerability Details IBM X-Force ID: 238210 DESCRIPTION: IBM Cloud Pak for Multicloud Management Monitoring...
Privilege Escalation
cakephp/cakephp is vulnerable to Privilege Escalation. A remote attacker is able to directly access prefixed actions without setting the correct request parameters due to unconventional URL paths, which allows an attacker to elevate privileges when the authorization depends on the presence of the...
Secure Web Gateway 10.2.11 Cross Site Scripting Vulnerability
Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure We...
GHSA-6HG4-VP5Q-47MW CakePHP allows direct access of prefixed controller actions
Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters...
CakePHP allows direct access of prefixed controller actions
Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters...
CVE-2023-0214
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be...
CVE-2023-0214 XSS in Skyhigh Security SWG
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be...
Directory Traversal
sanic is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization of URL paths in the handler function allowing an attacker to access lateral directories when using app.static if using encoded %2F URLs...