118 matches found

Saint
added 2016/10/14 12:00 a.m., 31 views

FreePBX Recordings Backdoor Upload

Added: 10/14/2016 Background FreePBX is a web-based open-source graphical user interface used to manage Asterisk PBX, an open-source communication server. The FreePBX System Recordings module allows playback of recorded files. Problem The System Recordings module in FreePBX 13 and 14 is vulnerabl...

AI score 0.8
Exploits 0
Node.js
added 2016/10/05 8:26 p.m., 38 views

Broken CORS

Overview Affected versions of sails have an issue with the CORS configuration where the value of the origin header is reflected as the value for the Access-Control-Allow-Origin header. This may allow an attacker to make AJAX requests to vulnerable hosts through cross-site scripting or a malicious...

CVSS 2.1, AI score 3.9, EPSS 0.00254
Exploits 0, Affected Software 1
OSV
added 2016/05/22 8:59 p.m., 4 views

CVE-2016-2158

lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attackers to obtain sensitive category-detail information from the navigation branch by leveraging the...

CVSS 4.3, AI score 4.8
Exploits 0, References 4
Packet Storm
added 2016/02/09 12:00 a.m., 25 views

WordPress User Meta Manager 3.4.6 Information Disclosure

Exploit Title: WordPress User Meta Manager Plugin Information Disclosure Discovery Date: 2015-12-28 Public Disclosure Date: 2016-02-01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://jasonlau.biz/home/ Software Link:...

AI score 7.4
Exploits 0
0day.today
added 2016/02/08 12:00 a.m., 23 views

WordPress User Meta Manager 3.4.6 Plugin - Information Disclosure

Exploit for php platform in category web applications Exploit Title: WordPress User Meta Manager Plugin Information Disclosure Discovery Date: 2015-12-28 Public Disclosure Date: 2016-02-01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage:...

AI score 7.1
Exploits 0
exploitpack
added 2016/02/08 12:00 a.m., 11 views

WordPress Plugin User Meta Manager 3.4.6 - Information Disclosure

WordPress Plugin User Meta Manager 3.4.6 - Information Disclosure Exploit Title: WordPress User Meta Manager Plugin Information Disclosure Discovery Date: 2015-12-28 Public Disclosure Date: 2016-02-01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage:...

AI score 7.2
Exploits 0
Exploit DB
added 2016/02/08 12:00 a.m., 21 views

WordPress Plugin User Meta Manager 3.4.6 - Information Disclosure

Exploit Title: WordPress User Meta Manager Plugin Information Disclosure Discovery Date: 2015-12-28 Public Disclosure Date: 2016-02-01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://jasonlau.biz/home/ Software Link:...

AI score 7.4
Exploits 0
Tenable Nessus
added 2015/09/08 12:00 a.m., 26 views

Fedora 22 : drupal6-6.37-1.fc22 (2015-14444)

"Maintenance and security release of the Drupal 6 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003 No other fixes are...

CVSS 7.5, AI score 7.3, EPSS 0.14455
Exploits 0, References 9
0day.today
added 2015/03/04 12:00 a.m., 43 views

Solarwinds Orion Service SQL Injection Vulnerability

Various remote SQL injection vulnerabilities exist in the core Orion service used in most of the Solarwinds products. Affected products include Network Performance Monitor below version 11.5, NetFlow Traffic Analyzer below version 4.1, Network Configuration Manager below version 7.3.2, IP Address...

CVSS 7.5, AI score 0.4, EPSS 0.77539
Exploits 8
Exploit DB
added 2015/03/04 12:00 a.m., 64 views

SolarWinds Orion Service - SQL Injection

I found a couple SQL injection vulnerabilities in the core Orion service used in most of the Solarwinds products SAM, IPAM, NPM, NCM, etc…. This service provides a consistent configuration and authentication layer across the products. To be exact, the vulnerable applications and versions are:...

CVSS 7.5, AI score 6.4, EPSS 0.77539
Exploits 8
Packet Storm
added 2015/03/03 12:00 a.m., 57 views

Solarwinds Orion Service SQL Injection

I found a couple SQL injection vulnerabilities in the core Orion service used in most of the Solarwinds products SAM, IPAM, NPM, NCM, etc…. This service provides a consistent configuration and authentication layer across the products. To be exact, the vulnerable applications and versions are:...

CVSS 7.5, AI score 0.4, EPSS 0.77539
Exploits 8
Drupal
added 2014/09/17 12:00 a.m., 7 views

SA-CONTRIB-2014-090 - Speech recognition - Multiple vulnerabilities

This module enables you to add speech recognition to forms, allowing site admins to enable experimental Speech Input API features on form inputs through the user interface. Cross Site Scripting (XSS): The module incorrectly prints fields without proper sanitization thereby opening a Cross Site...

AI score 6.3
Exploits 0, References 11
RedHat Linux
added 2013/10/01 4:35 p.m., 2 views

cumin: Denial of service due to improper handling of certain Ajax requests

Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request...

CVSS 5, AI score 5.9, EPSS 0.00535
Exploits 0, References 4
CVE
added 2013/06/29 8:00 p.m., 43 views

CVE-2013-3581

The CVE-2013-3581 entry affects the web interface of the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem. The vulnerability lies in ajax.cgi where remote attackers can obtain sensitive information via Ajax requests (wmxState or netState). The provided documents describe the affected compon...

CVSS 7.1, AI score 6.3, EPSS 0.00354
Exploits 0, References 1, Affected Software 1
CERT
added 2013/06/28 12:00 a.m., 26 views

Choice Wireless Green Packet 4G WiMax modem vulnerability

Overview Choice Wireless Green Packet 4G WiMax modem, model number WIXFMR-111, fails to properly validate ajax requests allowing a remote unauthenticated attacker to view system configuration information or possibly execute commands on the device. Description It has been reported that Choice...

CVSS 7.1, AI score 7.1, EPSS 0.00354
Exploits 0, References 1
OpenVAS
added 2012/08/30 12:00 a.m., 12 views

Fedora Update for drupal7-ctools FEDORA-2012-4881

Check for the Version of drupal7-ctools OpenVAS Vulnerability Test Fedora Update for drupal7-ctools FEDORA-2012-4881 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

AI score 7.4
Exploits 0, References 2
NVD
added 2012/05/18 10:55 p.m., 8 views

CVE-2012-2341

Cross-site request forgery (CSRF) vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax requests that manipulate files...

CVSS 6.8, AI score 7, EPSS 0.00342
Exploits 0, References 9
Prion
added 2012/05/18 10:55 p.m., 8 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax requests that manipulate files...

CVSS 6.8, AI score 7.6, EPSS 0.00342
Exploits 0, References 9, Affected Software 1
CVE
added 2012/05/18 10:00 p.m., 42 views

CVE-2012-2341

The Drupal Take Control module (6.x-2.x) is affected by a CSRF vulnerability in Ajax requests that manipulate files due to insufficient validation. Versions prior to 6.x-2.2 allow remote attackers to hijack user authentication for these requests. Remediation: upgrade to Take Control 6.x-2.2 (or l...

CVSS 6.8, AI score 7.3, EPSS 0.00342
Exploits 0, References 9, Affected Software 1
UbuntuCve
added 2012/01/08 11:55 a.m., 16 views

CVE-2011-4361

MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree,...

CVSS 5, AI score 5.9, EPSS 0.00176
Exploits 0, References 1