196 matches found
Bricks Builder < 1.5.4 - Subscriber+ Arbitrary Post/Page Edition
The theme does not have authorisation in an AJAX action, which could allow any authenticated users such as subscriber to call it and edit any page, post, or template on the blog PoC 1. Start with a clean Wordpress install 2. Install Bricks builder v1.5.3 3. Enable registrations on the website...
Bricks Builder < 1.5.4 - Subscriber+ Arbitrary Post/Page Edition
The theme does not have authorisation in an AJAX action, which could allow any authenticated users such as subscriber to call it and edit any page, post, or template on the blog 1. Start with a clean Wordpress install 2. Install Bricks builder v1.5.3 3. Enable registrations on the website 4...
Pimcore 跨站脚本漏洞
Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. 10.4.0 versions of Pimcore before the...
Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
Description Reflected cross site scripting vulnerability in pimpore/pimcore , it is in group field in Field collections and objectbricks in settings module. Proof of Concept 1 .Login to demo account 2 . Go to settings module --data objects --object bricks or Field collection -- edit any one and a...
[SECURITY] Fedora 28 Update: glusterfs-4.0.2-1.fc28
GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...
[SECURITY] Fedora 27 Update: glusterfs-3.12.2-2.fc27
GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...
Bricks Breaker King - Dangerous filesystem permissions, Runtime privilege escalation, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Bricks Breaker King published at the 'play' market has multiple vulnerabilities...
Best Bricks, block puzzle - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Best Bricks, block puzzle published at the 'play' market has multiple vulnerabilities...
Sick Bricks - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Sick Bricks published at the 'play' market has multiple vulnerabilities...
Break Bricks - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Break Bricks published at the 'play' market has multiple vulnerabilities...
[OWASP Broken Web Applications Project VM v1.1] Collection of vulnerable web applications
The Broken Web Applications BWA Project is a collection of vulnerable web applications that is distributed on a Virtual Machine. The Broken Web Applications BWA Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: Learning about...
2.0: appliance-base / redhat-storage-server /tmp file creation vuln
Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the 1 e, 2 local-bricks.list, 3 bricks.err, or 4 limits.conf files in /tmp...
[SECURITY] Fedora 17 Update: kubrick-4.10.5-1.fc17
Kubrick is a puzzle cube solving game. The cube sizes range from 2x2x2 easy up to 6x6x6 very hard, or you can play with irregular =E2=80=9Cbricks=E2=80=9D such as 5x3x2 and =E2=80=9Cmats=E2=80=9D one cubi e thick such as 6x4x1. The game has a selection of puzzles at several levels of difficulty, ...
[SECURITY] Fedora 18 Update: kbreakout-4.10.5-1.fc18
The objective KBreakout game is to destroy as many bricks as possible without losing the ball...
[SECURITY] Fedora 17 Update: kubrick-4.10.4-1.fc17
Kubrick is a puzzle cube solving game. The cube sizes range from 2x2x2 easy up to 6x6x6 very hard, or you can play with irregular =E2=80=9Cbricks=E2=80=9D such as 5x3x2 and =E2=80=9Cmats=E2=80=9D one cubi e thick such as 6x4x1. The game has a selection of puzzles at several levels of difficulty, ...
[OWASP Bricks] Modular Deliberately Vulnerable Web Application
Bricks is a deliberately vulnerable web application built on PHP and MySQL. The project focuses on variations of commonly seen application security vulnerabilities and exploits. Each 'brick' has some sort of vulnerability which can be exploited using tools Mantra and ZAP. The mission is to 'break...