vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but it includes various types of vulnerabilities such as SQL injection, cross-site scripting XSS, and remote code execution RCE. The target product/service or...

Online Course Registration 1.0 SQL Injection

Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

httpd: mod_rewrite potential open redirect

A vulnerability was discovered in Apache httpd, in modrewrite. Certain self-referential modrewrite rules could be fooled by encoded newlines, causing them to redirect to an unexpected location. An attacker could abuse this flaw in a phishing attack or as part of a client-side attack on browsers...

Exploit for CVE-2020-11651

It is an exploit module for Apache HTTP Server versions prior to...

The vulnerability of the mod_auth_digest component in the Apache HTTP Server allows a hacker to gain unauthorized access to confidential information or execute arbitrary code.

The vulnerability of the modauthdigest component in the Apache HTTP Server is related to insufficient protection of web pages. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential information or execute arbitrary code...

Unauthorized Access Vulnerability in EML Enterprise Contacts Management System of Yisoftone.com

EML enterprise address book management system is based on Linux open kernel and Apache based Php+Mysql intelligent B/S interactive service system. EML Enterprise Address Book Management System of YisoftStone.com has an unauthorized access vulnerability, which can be exploited by attackers to caus...

httpd: mod_rewrite potential open redirect

A vulnerability was discovered in Apache httpd, in modrewrite. Certain self-referential modrewrite rules could be fooled by encoded newlines, causing them to redirect to an unexpected location. An attacker could abuse this flaw in a phishing attack or as part of a client-side attack on browsers...

DEBIAN-CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

ALPINE-CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

UBUNTU-CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Sometimes Citrix Gateway login page takes a long time to be presented on the client’s browsers. When this issue occurs, you might observe any of the following conditions. The number of established connections to Apache counter has hit the default configured limit of 30 or a customized value, if...

The vulnerability of the HTTP/2 network protocol implementation in the Apache HTTP Server allows a attacker to trigger a service failure.

The vulnerability of the HTTP/2 network protocol implementation in the Apache HTTP Server is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the mod_rewrite function in the Apache HTTP Server allows attackers to gain unauthorized access to confidential information or compromise the integrity of that information.

The vulnerability of the modrewrite function in the Apache HTTP Server relates to the redirection of URLs to an unreliable website. Exploiting this vulnerability can allow attackers to gain unauthorized access to confidential information or affect the integrity of that information through special...

PT-2020-3260 · Apache +8 · Apache Http Server +8

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.41 Description: The issue is related to the mod proxy ftp function in the Apache HTTP Server, which may use uninitialized memory when proxying to a malicious FTP server. This could allow a remote...

[SECURITY] Fedora 31 Update: php-7.3.14-1.fc31

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

The vulnerability of the Apache HTTP Server’s virtualization software, Centreon VM, allows attackers to disclose protected information.

The vulnerability of the Apache HTTP Server’s virtualization software, Centreon VM, is related to errors in cookie file processing. Exploiting this vulnerability allows a remote attacker to disclose sensitive information...

Security Bulletin: IBM i Apache server affected by vulnerabilities CVE-2015-1283 and CVE-2015-3183.

Summary IBM i Apache server is affected by the following vulnerabilities CVE-2015-1283 and CVE-2015-3183. Vulnerability Details CVEID: CVE-2015-3183 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by a chunk header parsing flaw in the aprbrigadeflatten function. By...

httpd: null-pointer dereference in mod_remoteip

A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...

httpd: mod_http2: DoS via slow, unneeded request bodies

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections...

The vulnerability of the RewriteRule module in the Apache web server, related to the use of incorrect URL names, allows attackers to access sensitive data.

The vulnerability of the RewriteRule module in the Apache web server is related to incorrect processing of requests that contain several slash characters /. Exploiting this vulnerability allows an attacker who operates remotely to gain access to confidential data...