9 matches found
CVE-2019-11229
models/repomirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 mishandles mirror repo URL settings, leading to remote code execution...
buhlan.de Improper Access Control vulnerability OBB-3818027
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cricketarchive.com Cross Site Scripting vulnerability OBB-3120206
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Gitea 1.7.5 Remote Code Execution
Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...
Gitea 1.7.5 - Remote Code Execution
Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...
semomls.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1147670 Security Researcher cvesh Helped patch 9 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting semomls.com website and its users. Following coordinated and responsible vulnerability disclosure guidelines of the ISO 2914...
CVE-2019-11229
creationtimestamp| type| source ---|---|--- 2019-07-24 15:31:39+00:00| published-proof-of-concept| https://t.me/antichat/5984 2021-01-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49383...
Gitea < 1.7.6 or < 1.8.0-rc3 Multiple Vulnerabilities
Gitea is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitea:gitea"; if description...
CVE-2019-11229
CVE-2019-11229 affects Gitea before 1.7.6 and 1.8.x before 1.8-RC3. The root cause is in models/repo_mirror.go where mirror repo URL settings are mishandled, enabling remote code execution. Public exploits exist (e.g., exploit-db, packetstorm). Mitigation: upgrade to fixed releases (1.7.6 or 1.8....