5286 matches found
PowerTCP WebServer for ActiveX - Denial of Service
source: https://www.securityfocus.com/bid/55761/info PowerTCP WebServer for ActiveX is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the application (typically Internet Explorer), denying service to legitimate users. PowerTCP WebServer for ActiveX 1.9....
Researcher Finds 100k IEEE.org Passwords Stored in Plain-Text on Public FTP Server
A Romanian computer scientist discovered that the Institute of Electrical and Electronics Engineers (IEEE) was storing its members’ usernames and passwords in plain text on a publicly accessible File Transfer Protocol (FTP) server. Radu Drăgușin claims the collection of nearly 100,000 credentials...
HTTP Client Automatic Exploiter
This module has three actions. The first and the default is 'WebServer' which uses a combination of client-side and server-side techniques to fingerprint HTTP clients and then automatically exploit them. Next is 'DefangedDetection' which does only the fingerprinting part. Lastly, 'list' simply...
Apache Struts 2 - Skill Name Remote Code Execution
Apache Struts 2 - Skill Name Remote Code Execution source: https://www.securityfocus.com/bid/55165/info Apache Struts2 is prone to a remote-code-execution vulnerability because it fails to sufficiently sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary code in the...
Apache Struts 2 - Skill Name Remote Code Execution
source: https://www.securityfocus.com/bid/55165/info Apache Struts2 is prone to a remote-code-execution vulnerability because it fails to sufficiently sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary code in the context of the webserver process. This may...
Debian DSA-2532-1 : libapache2-mod-rpaf - denial of service
Sebastien Bocahu discovered that the reverse proxy add forward module for the Apache webserver is vulnerable to a denial of service attack through a single crafted request with many headers. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
DSA-2532-1 libapache2-mod-rpaf - denial of service
Bulletin has no description...
ABB AC500 PLC Webserver CoDeSys Vulnerability
Overview: ICS-CERT has been notified of a buffer overflow vulnerability in the ABB AC500 PLC Webserver application. Successful exploitation of this vulnerability could lead to a denial of service (DoS), affecting the availability of the service. This vulnerability is related to ICS-CERT Advisory,...
Cyclope Employee Surveillance Solution Local File Inclusion Vulnerability
This host is running Cyclope Employee Surveillance Solution and is prone to a local file inclusion vulnerability. OpenVAS Vulnerability Test $Id: gbcyclopeemployeesurveillancelfivuln.nasl 7577 2017-10-26 10:41:56Z cfischer $ Cyclope Employee Surveillance Solution Local File Inclusion Vulnerability...
FileContral - Local File Inclusion / Local File Disclosure
FileContral - Local File Inclusion / Local File Disclosure source: https://www.securityfocus.com/bid/55891/info FileContral is prone to a local file-include and a local file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to...
FileContral - Local File Inclusion / Local File Disclosure
source: https://www.securityfocus.com/bid/55891/info FileContral is prone to a local file-include and a local file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to view and execute local files within the context of the...
Oxide Webserver 2.0.4 Denial Of Service
Title : Oxide Webserver Remote Denial of Service Vulnerability Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://sourceforge.net/projects/oxide/ Advisory : http://secpod.org/blog/?p=516 : http://secpod.org/advisories/SecPodOxideWebServerDoSVuln.txt Software : Oxide Webserver...
Oxide WebServer 2.0.4 - Denial of Service
Oxide WebServer 2.0.4 - Denial of Service Title : Oxide Webserver Remote Denial of Service Vulnerability Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://sourceforge.net/projects/oxide/ Advisory : http://secpod.org/blog/?p=516 :...
Maian Survey - index.php URI redirection / Local File Inclusion
Maian Survey - index.php URI redirection / Local File Inclusion source: https://www.securityfocus.com/bid/54613/info Maian Survey is prone to a URI-redirection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit...
Oxide Webserver 2.0.4 Denial of Service Vulnerability
Exploit for windows platform in category dos / poc. Overview: Oxide Webserver v2.0.4 is prone to a remote Denial of Service vulnerability as it fails to handle crafted requests from the client properly. Technical Description: The vulnerability is caused by an error...
Oxide WebServer 2.0.4 - Denial of Service
Title : Oxide Webserver Remote Denial of Service Vulnerability Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://sourceforge.net/projects/oxide/ Advisory : http://secpod.org/blog/?p=516 : http://secpod.org/advisories/SecPodOxideWebServerDoSVuln.txt Software : Oxide Webserver...
Maian Survey - '/index.php' URI redirection / Local File Inclusion
source: https://www.securityfocus.com/bid/54613/info Maian Survey is prone to a URI-redirection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary local files within...
Joomla! Component com_hello - Controller Local File Inclusion
Joomla! Component com_hello - Controller Local File Inclusion source: https://www.securityfocus.com/bid/54611/info The 'com_hello' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerabili...
SA-CONTRIB-2012-108 - Drag & Drop Gallery - Arbitrary PHP code execution
Important note: Most of the vulnerabilities discussed below can be exploited when the Drag & Drop Gallery module is disabled on a Drupal site. See Solution below for details. The Drag & Drop Gallery creates a gallery node type that allows you add images to the gallery by dragging and dropping...
[SECURITY] [DSA 2506-1] libapache-mod-security security update
Debian Security Advisory DSA-2506-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez July 02, 2012 http://www.debian.org/security/faq -...