QNAP QTS and Photo Station Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and Photo Station Local File Inclusion', 'Description' = %q This module exploits a local file inclusion in QNAP QTS and Photo Station th...

Pulse Secure VPN Arbitrary File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary File Disclosure', 'Description' = %q This module exploits a pre-auth directory traversal in the Pulse Secure VPN serve...

Oracle Application Testing Suite Post-Auth DownloadServlet Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rkelly' class MetasploitModule 'Oracle Application Testing Suite Post-Auth DownloadServlet Directory Traversal', 'Description' = %q This module exploits a...

GO-2024-3100 Chisel's AUTH environment variable not respected in server entrypoint in github.com/jpillora/chisel

Chisel's AUTH environment variable not respected in server entrypoint in github.com/jpillora/chisel...

FreeBSD : RabbitMQ-C -- auth credentials visible in commandline tool options (7e9cc7fd-6b3e-46c5-ad6d-409d90d41bbf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7e9cc7fd-6b3e-46c5-ad6d-409d90d41bbf advisory. hadmut reports: This C library includes 2 command-line tools that can take credentials as command-line...

Chisel's AUTH environment variable not respected in server entrypoint

Summary The Chisel server doesn't ever read the documented AUTH environment variable used to set credentials, which allows any unauthenticated user to connect, even if credentials were set. This advisory is a formalization of a report sent to the maintainer via email. Details In the help page for...

Medical Center Portal 1.0 SQL Injection

============================================================================================================================================= | Title : Medical Center Portal 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 ...

CVE-2024-43798 Chisel AUTH environment variable not respected in server entrypoint

Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. The Chisel server doesn't ever read the documented AUTH environment variable used to set credentials, which allows any unauthenticated user to connect, even if credentials were set. Anyone running the Chisel server that is...

CVE-2024-43798 Chisel AUTH environment variable not respected in server entrypoint

Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. The Chisel server doesn't ever read the documented AUTH environment variable used to set credentials, which allows any unauthenticated user to connect, even if credentials were set. Anyone running the Chisel server that is...

CVE-2023-26315

The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root access to the device...

Employee Record Management System 1.0 SQL Injection

============================================================================================================================================= | Title : ERMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

DETS Project 1.0 SQL Injection

============================================================================================================================================= | Title : DETS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

PT-2024-31254 · Unknown · Picuploader

Name of the Vulnerable Software and Affected Versions: PicUploader version fcf82ea Description: A cross-site scripting XSS issue exists in the /auth/AzureRedirect.php component, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error description...

Biobook Social Networking Site 1.0 SQL Injection

============================================================================================================================================= | Title : biobook Social Networking Site 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

PT-2024-30263 · Autman · Autman

Name of the Vulnerable Software and Affected Versions: autMan version 2.9.6 Description: The issue allows attackers to bypass authentication via a crafted web request. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents whe...

AVMS Project 1.0 SQL Injection

============================================================================================================================================= | Title : AVMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

GO-2022-0405 Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client` in github.com/argoproj/argo-workflows

Potential privilege escalation on Kubernetes = v1.19 when the Argo Sever is run with --auth-mode=client in github.com/argoproj/argo-workflows...

Apache HugeGraph Gremlin command injection

Added: 08/20/2024 Background Apache HugeGraph is a graph database. HugeGraph supports Gremlin, a graph traversal language. Problem A vulnerability in Apache HugeGraph allows remote attackers to bypass sandbox restrictions and execute arbitrary commands through Gremlin. Resolution Upgrade to...

Apache HugeGraph Gremlin command injection

Added: 08/20/2024 Background Apache HugeGraph is a graph database. HugeGraph supports Gremlin, a graph traversal language. Problem A vulnerability in Apache HugeGraph allows remote attackers to bypass sandbox restrictions and execute arbitrary commands through Gremlin. Resolution Upgrade to...

CLSA-2024-1723826300 wget: Fix of CVE-2024-38428

CVE-2024-38428: properly re-implement userinfo parsing rfc2396 - Fix wget Test-proxied-https-auth.px and Test-proxied-https-auth.px tests failing - Providing wget -O and -q parameters while running in background generates a wget-log file...