155 matches found
Shanghai Zhuo fan cms government service center/index/downLoadFile. action download vulnerability
http://xxx.com/index/downLoadFile.action?fileName=web.xml&filePath=WEB-INF/web.xml...
VulnCheck KEV: CVE-2010-2493
The default configuration of the deployment descriptor aka web.xml in picketlink-sts.war in 1 the securitysaml quickstart, 2 the webserviceproxysecurity quickstart, 3 the web-console application, 4 the http-invoker application, 5 the gpd-deployer application, 6 the jbpm-console...
TRS(ids新老版本)设计缺陷(xxe/用户信息泄露包括密码等)
简要描述: TRSids设计缺陷xxe/用户信息泄露包括密码,好久没有发过漏洞了,突然上来看了看,发现漏洞提交页面都变了 详细说明: 首先我们看看web.xml配置文件: ServiceServlet com.trs.idm.admin.service.ServiceServlet ServiceServlet /service 跟进ServiceServlet protected void serviceHttpServletRequest request, HttpServletResponse response throws ServletException, IOExceptio...
Ebay INC (Magento) Web Security Bug Bounty: Directory Traversal / Local File Inclusion In magento.com
Little Insight: https://wiki.magento.com was vulnerable to a directory traversal / local file inclusion vulnerability. As a result, it was possible for an attacker to load web server-readable files from the local filesystem. well this LFI very interesting for me because when i am start my work i...
金蝶AES系统Java web配置文件敏感信息泄露漏洞
0x01 漏洞框架 金蝶软件始创于1993年,是一家ERP、财务等企业管理软件厂商,拥有官网kigndee.com、友商网(youshang.com)、快递100(kuaidi100.com)、云之家(kdweibo.com)等互联网业务应用 官方主页:www.kingdee.com 客户案例: 0x02 漏洞利用 金蝶AES系统Java web配置文件可任意下载。 portal下的配置文件: http://58.63.253.42/portal/WEB-INF/web.xml...
ManageEngine ServiceDesk Plus Multiple Vulnerabilities
The version of ManageEngine ServiceDesk Plus running on the remote web server is affected by multiple vulnerabilities : - A security bypass vulnerability exists due to a misconfiguration in web.xml that allows access to the URL /workorder/FileDownload.jsp without requiring authentication. - A pat...
ManageEngine AssetExplorer Multiple Vulnerabilities
The version of ManageEngine AssetExplorer running on the remote web server is affected by multiple vulnerabilities : - A security bypass vulnerability exists due to a misconfiguration in web.xml that allows access to the URL /workorder/FileDownload.jsp without requiring authentication. - A path...
Insecure Direct Object Reference
The following URL is vulnerable to Insecure Direct Object Reference, allowing any authenticated user to read configuration files from the application such as the content of webapp directory in confluence. http:///spaces/viewdefaultdecorator.action?decoratorName=...
Insecure Direct Object Reference
The following URL is vulnerable to Insecure Direct Object Reference, allowing any authenticated user to read configuration files from the application such as the content of webapp directory in confluence. http:///spaces/viewdefaultdecorator.action?decoratorName=...
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0...
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal Vulnerability
Exploit for hardware platform in category web applications Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0 Hotf...
Apache Struts vulnerable to cross-site scripting
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Apache Struts is vulnerable to cross-site scripting when JSP files can be accessed directly. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this...
Thermostat User Certificate Acquisition Vulnerability
Thermostat is a suite of monitoring instrumentation tools that support monitoring multiple JVM instances in OpenJDK HotSpot virtual machines. Thermostat failed to properly set web.xml file permissions, allowing a local attacker to obtain user credentials by reading the file...
Design/Logic Flaw
Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file...
CVE-2015-3201
Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file...
CVE-2015-3201
Thermostat web application stores database credentials in a world-readable configuration file (web.xml), enabling a local user to read credentials and potentially access/modify monitored JVM data or control connected JVMs. Red Hat RHSA-2015:1052 and Fedora advisories/ Nessus entries document the ...
欧朋浏览器之广告主后台敏感信息泄漏漏洞(泄漏内容证明)
简要描述: J2EE架构安全 详细说明: 泄漏点: http://59.151.113.225/WEB-INF/web.xml http://59.151.113.225/WEB-INF/spring/webmvc-config.xml 漏洞证明: Spring+Freemaker 反编译class文件...
ManageEngine Firewall Analyzer 8.0 Directory Traversal / XSS
...:::::ManageEngine Firewall Analyzer Directory Traversal/XSS Vulnerabilities::::.... Sobhan System Network & Security Group sobhansys ------------------------------------------------------- Date: 2015-01-28 Exploit Author: AmirHadi Yazdani Sobhansys Co Vendor Homepage:...
欧朋浏览器多站配置不当泄漏敏感信息
简要描述: J2EE架构安全 详细说明: 关于WEB-INF WEB-INF是Java的WEB应用的安全目录。所谓安全就是客户端无法访问,只有服务端可以访问的目录。 WEB-INF目录下的敏感目录及文件: classes目录(包含该应用核心的java类编译后的class文件及部分配置文件) lib目录(所用框架、插件或组件的架包) web.xml(重要的配置文件) 泄漏点1. http://59.151.113.213/WEB-INF/web.xml http://59.151.113.213/WEB-INF/spring/webmvc-config.xml...
JEECMS arbitrary File Download lead to sensitive information disclosure-vulnerability warning-the black bar safety net
Should be JEECMS old version inurl:download. jspx? path= Arbitrary File Download download. jspx? fpath=WEB-INF/web. xml&filename=WEB-INF/web.xml Case 1 www.xxczj.gov.cn/download.jspx?fpath=WEB-INF/web.xml&filename=WEB-INF/web.xml ! tick. png Case 2...