21 matches found
splunk-web-attack-detection
🔍 Web Application Attack Detection & Threat Hunting Using Splu...
EUVD-2023-35522
Malicious code in bioql PyPI...
CVE-2012-10022
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attacker...
CVE-2012-10022 Kloxo <= 6.1.12 Local Privilege Escalation
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attacker...
CVE-2012-10022
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attacker...
CVE-2012-10022 Kloxo <= 6.1.12 Local Privilege Escalation
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attacker...
CVE-2025-54064
CVE-2025-54064 affects Rucio helm charts for rucio-server, rucio-ui, and rucio-webui. The Apache access-log format includes the X-Rucio-Auth-Token header (which may contain Internal Rucio tokens or JWTs), potentially exposing credentials in log lines. Affected versions and patches: rucio-server 3...
CVE-2025-54064 rucio-server, rucio-ui, and rucio-webui vulnerable to insertion of X-Rucio-Auth-Token in apache access logfiles
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. The common Rucio helm-charts for the rucio-server, rucio-ui, and rucio-webui define the log format for the apache access log of these components...
UBUNTU-CVE-2023-31207
Transmission of credentials within query parameters in Checkmk = 2.1.0p26, = 2.0.0p35, and = 2.2.0b6 beta may cause the automation user's secret to be written to the site Apache access log...
CVE-2023-31207 Automation user secret logged to Apache access log
Transmission of credentials within query parameters in Checkmk = 2.1.0p26, = 2.0.0p35, and = 2.2.0b6 beta may cause the automation user's secret to be written to the site Apache access log...
CVE-2023-31207 Automation user secret logged to Apache access log
Transmission of credentials within query parameters in Checkmk = 2.1.0p26, = 2.0.0p35, and = 2.2.0b6 beta may cause the automation user's secret to be written to the site Apache access log...
CVE-2023-31207
CVE-2023-31207 affects Checkmk; multiple connected sources confirm that transmitting credentials within query parameters can cause the automation user’s secret to be written to the site Apache access log. Affected streams include Checkmk versions ≤ 2.1.0p26, ≤ 2.0.0p35, and ≤ 2.2.0b6 (beta). The ...
Apache Log Extractor tool
Apache Log Extractor tool Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URL's on a remote server by analysing the logs. This list could then be used as the input for further testing tools e.g...
Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution
Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution !/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin...
Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution
!/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin request if any $plugin = $this-getInputString"system", "Page"; //...
WordPress Privileges Unchecked in admin.php and Multiple Information
Exploit for unknown platform in category web applications ==================================================================== WordPress Privileges Unchecked in admin.php and Multiple Information ==================================================================== -----BEGIN PGP SIGNED MESSAGE---...
WordPress Core MU Plugins - admin.php Privileges Unchecked Multiple Information Disclosures
WordPress Core MU Plugins - admin.php Privileges Unchecked Multiple Information Disclosures -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ WordPress Privileges Unchecked in admin.php and Multiple Information...
WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures
No description provided by source. WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures 1. Advisory Information Title: WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures Advisory ID: CORE-2009-0515 Advisory URL:...
CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures 1. Advisory Information Title: WordPress Privileges Unchecked in admin.php and Multip...
Apache 1.3 IP address access control failure on some 64-bit platforms
Henning Brauer discovered a programming error in Apache 1.3's modaccess that results in the netmasks in IP address access control rules being interpreted incorrectly on 64-bit, big-endian platforms. In some cases, this could cause a deny from' IP address access control rule including a netmask to...