197 matches found
Malicious Package
Overview sap-authorize is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab
It was found that the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code...
How to Restore Your Mac to Factory Settings
Restoring your Mac to the factory settings can help fix problems if nothing else has worked. You should also restore your Mac to the factory settings before giving away or selling it to get rid of all your personal files and information. Because following the instructions below will wipe out all ...
CVE-2018-1000015
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...
CVE-2018-1000015
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...
CVE-2018-1000015
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...
IdentityServer3 authorize response page cross-site scripting vulnerability
IdentityServer3 is a .NET-based access control plug-in for Web applications. A cross-site scripting vulnerability in the Angular expression of the IdentityServer3 authorize response page allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be use...
CVE-2017-12677
IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response...
CVE-2016-0320
CVE-2016-0320 affects IBM UrbanCode Deploy. Description: an authenticated user could modify UCD objects via multiple REST endpoints that do not properly authorize edits, potentially altering behavior of legitimately triggered processes. Affected versions include UrbanCode Deploy 6.0 through 6.2.x...
Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)
/ Title : Linux , Reverse Shell using Xterm , ///usr/bin/xterm -display 127.1.1.1:10 Date : 12-07-2016 Author : RTV Tested On : Ubuntu x86 shellcode :...
CVE-2015-3158
The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a 1 direct request or 2...
ISC BIND 9.4-ESV < 9.4-ESV-R4 / 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3 / 9.7.x < 9.7.2-P3 Multiple Vulnerabilities
Binary data 5718.prm...
Fast FAQs System - Authentication Bypass
Fast FAQs System - Authentication Bypass -=Fast FAQs System=- Autore: x0r Email: [email protected] Cms Site: http://fastcreators.com/products/fastfaq/download.php Bug In \admin\authorize.php $query = "select from admin where userid='$POST'uname'' AND pass='$POST'pass''"; Exploit: ' or '1=1 Greetz:...
Fast FAQs System - Authentication Bypass
-=Fast FAQs System=- Autore: x0r Email: [email protected] Cms Site: http://fastcreators.com/products/fastfaq/download.php Bug In \admin\authorize.php $query = "select from admin where userid='$POST'uname'' AND pass='$POST'pass''"; Exploit: ' or '1=1 Greetz: Anna...Strabica...Emetta... Vi Amo.. -- w00t...
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 oid parameter in modules/gateway/Protx/confirmed.php and the 2 xinvoicenum parameter in modules/gateway/Authorize/confirmed.php...
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 oid parameter in modules/gateway/Protx/confirmed.php and the 2 xinvoicenum parameter in modules/gateway/Authorize/confirmed.php...
Unintentionally logging credit card transactions
Solar Designer of the Openwall Project reported a security vulnerability in the contributed authorizenet module which is part of the ecommerce package. Credit card information was being stored in a system log file. The system should not be saving this information. Versions affected Please check t...