294 matches found
HTTP Virtual Host Scanner: VHostScan
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results...
Microsoft Edge Chakra Parser::ParseCatch Failed eval Handle
Microsoft Edge: Chakra: Parser::ParseCatch doesn't handle "eval" CVE-2017-11764 In Javascript, the code executed by a direct call to eval shares the caller block's scopes. Chakra handles this from the parser. And there's a bug when it parses "eval" in a catch statement's param. ParseNodePtr...
polarkoru.fi XSS vulnerability
Vulnerable URL: http://www.polarkoru.fi/itemdetail.php?n=PKR-20335=Fresh Water Pearl Bracelet. Toggle catch 925 Sterling Silver.=item/20110425231349/www.PolarKoru 20335.jpg"';-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.11.2017 Vulnerability type:| XSS...
python-oslo-middleware: CatchErrors leaks sensitive values into error logs
An information-disclosure flaw was found in oslo.middleware. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs for example, keystone tokens...
python-oslo-middleware: CatchErrors leaks sensitive values into error logs
An information-disclosure flaw was found in oslo.middleware. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs for example, keystone tokens...
hfs2. 3X remote code execution exploit-vulnerability warning-the black bar safety net
hfs 2.3 X many catch the chicken hackers like to use it to spread the Trojan, but the last in a tick look to this software broke a remote code execution vulnerability No CVE2014-6 2 8 7) The blogger looked after very interested in so you try to play a bit ! 2 0 1 6 0 3 2 8 1 1 3 3 3 0 First on...
Miku,FreeMp3♬GROOVE CATCH S.E - Dangerous filesystem permissions, WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Miku,FreeMp3♬GROOVE CATCH S.E published at the 'play' market has multiple vulnerabilities...
View Content Permission Set not Complete.
The Content Permission Set returned from the method getViewContentPermissions is incomplete. It appears to only contain a single ContentPermission object regardless of how many View permisisons have been attached to a Page. 1 Create a new page 2 Assign a View restriction for 1 group 3 Assign View...
qpid-cpp-server-cluster: unauthorized broker access caused by the use of NullAuthenticator catch-up shadow connections
Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...
qpid-cpp-server-cluster: unauthorized broker access caused by the use of NullAuthenticator catch-up shadow connections
Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...
Recursive eval call causes confirm dialogs to evaluate to true — Mozilla
Security researcher Zach Hoffman reported that a recursive call to eval wrapped in a try/catch statement places the browser into a inconsistent state. Any dialog box opened in this state is displayed without text and with non-functioning buttons. Closing the window causes the dialog to evaluate t...
PHP168 whole Station system of 0DAY-vulnerability warning-the black bar safety net
The first description under this hole is in the other places to see, just he did not say very clearly, a lot of the vegetable dishes are Do not understand, I take it I first posted it in! This hole is actually the use of the program coding vulnerabilities, download the configuration and the login...
Insider revealed the thunder catch the chicken to achieve a method and prevention tips-vulnerability warning-the black bar safety net
The world's largest sorrow, than they are to harm you, unbeknownst to you also for him too beholden to. Such absurd things, only in the TV series appear in? You ever think of yourself will become like that? If you don't believe, after reading this article the quasi surprise you! Thundercatch the...
pear-XML_RPC -- information disclosure vulnerabilities
The pear-XMLRPC release notes reports that the following issues has been fixed: Eliminate path disclosure vulnerabilities by suppressing error messages when eval'ing. Eliminate path disclosure vulnerability by catching bogus parameters submitted to XMLRPCValue::serializeval...