675 matches found
HTTP Host header attacks against web proxy disclaimer response webpage
The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack, via maliciously crafted "Host" headers in user HTTP requests. The latter is possible if an attacker is in a Man-in-the-middle position i.e. able to modify the HTTP requests of the potential victim before they reach...
The vulnerability of the OpenVPN package arises from the improper handling of client connections to HTTP proxies, allowing a hacker to execute arbitrary code.
The vulnerability of the OpenVPN package exists due to improper handling of client connections to HTTP proxies with NTLMv authentication. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2017-18016
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine reusing the current website's token, which is not bound to an origin...
Paritytech Parity Bypass Homology Policy Vulnerability
Parity Browser is a lightweight and fast Ethereum programming language client. A security vulnerability exists in Parity Browser version 1.6.10 and earlier. A remote attacker can exploit this vulnerability to obtain sensitive information by requesting other websites with the help of a parity bit...
UBUNTU-CVE-2017-7559
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...
Windows: use-after-free in jscript!NameTbl::GetValDef(CVE-2017-11903)
There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue by posing as a WPAD Web Proxy Auto-Discovery host and sending a malicious wpad.dat file to the victim. This works...
Microsoft Windows - jscript!RegExpComp::Compile Heap Overflow Through IE or Local Network via WPAD
Microsoft Windows - jscript!RegExpComp::Compile Heap Overflow Through IE or Local Network via WPAD var s = 'a'; forvar i=0;i...
Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free
Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free var vars = new Array100; forvar i=0;i !-- ============================================ PoC for WPAD might require page heap to trigger the crash: ============================================ function...
Microsoft Windows jscript!RegExpComp::Compile Heap Overflow Exploit
There is a heap overflow in jscript.dll when compiling a regex. This issue could potentially be exploited through multiple vectors. Windows: Heap overflow in jscript!RegExpComp::Compile through IE or local network via WPAD CVE-2017-11890 There is a heap overflow in jscript.dll when compiling a...
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable
var x = new URIErrornew Array, undefined, undefined; String.prototype.localeCompare.callx, new Date0, 0, 0, 0, 0, 0, undefined; Array.prototype.slice.call1; !-- ============================================ Technical details: The issue is in jscript!JsArraySlice Array.prototype.slice.call in the P...
Microsoft Windows jscript!RegExpComp::Compile Heap Overflow
Windows: Heap overflow in jscript!RegExpComp::Compile through IE or local network via WPAD CVE-2017-11890 There is a heap overflow in jscript.dll when compiling a regex. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue...
CVE-2017-17055
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting XSS attack involving the username-form-id parameter to freeradius.users.php...
CVE-2017-17055
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting XSS attack involving the username-form-id parameter to freeradius.users.php...
Cross site scripting
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting XSS attack involving the username-form-id parameter to freeradius.users.php...
CVE-2017-17055
Artica Web Proxy (Artica Tech) is reported vulnerable to remote code execution due to an XSS flaw in URL-related parameters (username-form-id to freeradius.users.php). Affected versions include at least 3.06.112911 and 3.06.112216. The root cause is input handling/sanitization in web parameter pr...
CVE-2017-17055
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting XSS attack involving the username-form-id parameter to freeradius.users.php...
Artica Web Proxy Cross-Site Scripting Vulnerability
Artica Web Proxy is an enterprise-class web security and control solution. The solution features centralized multi-system management, URL protection and authentication. A cross-site scripting vulnerability exists in versions prior to Artica Web Proxy 3.06.112911. A remote attacker can exploit thi...
Artica Web Proxy 3.06.112216 Remote Code Execution Vulnerability
Exploit for php platform in category web applications + Credits: John Page aka Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt Vendor: ======= www.articatech.com Product: =========...
Artica Web Proxy 3.06.112216 Remote Code Execution
Credits: John Page aka Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt + ISR: ApparitionSec Vendor: ======= www.articatech.com Product: ========= Artica Web Proxy v.3.06.112216...
Artica Web Proxy 3.06 - Remote Code Execution
Artica Web Proxy 3.06 - Remote Code Execution + Credits: John Page aka Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt + ISR: ApparitionSec Vendor: ======= www.articatech.com Product...