CVE-2019-18867

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/...

CVE-2019-18867

Technical details about CVE-2019-18867 are not publicly provided in the supplied connected documents. Monitor for updates from vendors and security advisories.

CVE-2019-9428

In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

TripAdvisor Browsable Intent Arbitrary URL Loading Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of TripAdvisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of browsab...

JoomlaScan - Tool To Find The Components Installed In Joomla CMS, Built Out Of The Ashes Of Joomscan

A free and open source software to find the components installed in Joomla CMS, built out of the ashes of Joomscan. Features Scanning the Joomla CMS sites in search of components/extensions database of more than 600 components; Locate the browsable folders of component Index of ...; Locate the...

TrevorC2 - Command and Control via Legitimate Behavior over HTTP

TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and does not use POST requests for data exfil. There are two components to TrevorC2 - the client and the server. The client can be...

Android Meterpreter Browsable Launcher

This module allows you to open an android meterpreter via a browser. An Android meterpreter must be installed as an application beforehand on the target device in order to use this. For best results, you can consider using the auxiliary/client/sms/sendtext to trick your target into opening the...

UBUNTU-CVE-2014-7905

Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORYBROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site...

Browsable Web Directories

Multiple Nessus plugins identified directories on the web server that are browsable. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid40984; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate",...

Microsoft IIS /scripts Directory Browsable (deprecated)

The /scripts directory is browsable. This gives an attacker valuable information about which default scripts you have installed and also whether there are any custom scripts present that may have vulnerabilities. This plugin has been deprecated. Webmirror3 plugin ID 10662 will identify a browsabl...