UBUNTU-CVE-2018-20149

In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data...

DEBIAN-CVE-2018-20149

In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data...

Facebook And Google Reviews System For Businesses 1.1 SQL Injection

Exploit Title: Facebook And Google Reviews System For Businesses 1.1 - SQL Injection Dork: N/A Date: 2018-12-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://codecanyon.net/item/facebook-and-google-reviews-system-for-businesses/22793559 Version: 1.1 Category: Webapps Tested on:...

RATELIMITED: Banner Grabbing - Apache Server Version Disclousure

Hello RATELIMITED, I'd like to report a nice little bug. Banner Grabbing is a technique used to gain information about a remote server. Additionally, this technique is use to get information about remote servers. I've captured the HTTP request while visiting theendlessweb.com POC: Simply check...

SUSE-SU-2018:3582-2 Security update for apache2

This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2...

Helpdezk 1.1.1 - 'query' SQL Injection

Exploit Title: Helpdezk 1.1.1 - 'query' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...

httpd: Weak Digest auth nonce generation in mod_auth_digest

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

Facturation System 1.0 - modid SQL Injection

Facturation System 1.0 - modid SQL Injection Exploit Title: Facturation System 1.0 - 'modid' SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://obedalvarado.pw/simple-invoice/ Software Link:...

School Event Management System 1.0 Shell Upload

Exploit Title: School Event Management System 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/sems1.zip Version: 1.0...

Seeker v1.0.7 - Get Accurate Location using a Fake Website

Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your loction just like many popular location based websites. Seeker Hosts a fake website on Apache Server and uses Ngrok , website asks for Location Permission and if the us...

mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess

modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting...

httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir

It was found that Apache was vulnerable to a HTTP response splitting attack for sites which use moduserdir. An attacker could use this flaw to inject CRLF characters into the HTTP header and could possibly gain access to secure data...

Apache HTTP Server Response Splitting Vulnerability (CNVD-2018-15542)

Apache HTTP Server is the United States Apache Apache Software Foundation, an open source web server. The server is fast, reliable and can be expanded through a simple API. A response splitting vulnerability exists in Apache HTTP Server versions 2.4.1 through 2.4.23 and 2.2.0 through 2.2.31. An...

CVE-2016-4975

Possible CRLF injection allowing HTTP response splitting attacks for sites which use moduserdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 Affected...

Mail.ru: [info.tmgame.mail.ru] Apache Server Status

Open Apache Server Status in info.tmgame.mail.ru tmgame.mail.ru is not currently covered by Bug Bounty program...

Seeker - Find GeoLocation With High Accuracy

Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Other tools and services offer IP Geolocation which is not very accurate and does not give location of user. Generally if a user accepts location permsission, Accuracy of the informati...

UBUNTU-CVE-2018-8011

By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...

DEBIAN-CVE-2018-8011

By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...

httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir

It was found that Apache was vulnerable to a HTTP response splitting attack for sites which use moduserdir. An attacker could use this flaw to inject CRLF characters into the HTTP header and could possibly gain access to secure data...

Online Trade - Information Disclosure

Exploit Title: Online Trade 1 - Information Disclosure Date: 2018-07-03 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE: CVE-2018-12908 Version: 1 Tested on: Win 10...