Kartpay: Duplicate Entry of email leads to 500 Server Error which disclosing the SQL Database table information

The Issue was with the process of Deletion of the merchant data from the admin Dashboard. The Admin has rights to delete the merchant email ID and further, it gets deleted as Soft delete, not the full delete but there was no Validation to the codes which can detect the re-registration of the same...

Kartpay: Misconfiguration of Merchant id in jwt header + Weird Debug mode enabling behavior leads to exposed OTP of mobile number.

The Verification email Content was able to decrypt easily and leads to disclosure of information that was supposed to be provided after account verification is completed. Secondly, For a Limited time Production was put on debug mode but it was left with it. so now it has been fixed...

Laravel 8.4.2 debug mode - Remote code execution

Exploit Title: Laravel 8.4.2 debug mode - Remote code execution Date: 1.14.2021 Exploit Author: SunCSR Team Vendor Homepage: https://laravel.com/ References: https://www.ambionics.io/blog/laravel-debug-rce https://viblo.asia/p/6J3ZgN8PKmB Version: = 8.4.2 Tested on: Ubuntu 18.04 + nginx + php 7.4...

Laravel 8.4.2 Remote Code Execution

Exploit Title: Laravel 8.4.2 debug mode - Remote code execution Date: 1.14.2021 Exploit Author: SunCSR Team Vendor Homepage: https://laravel.com/ References: https://www.ambionics.io/blog/laravel-debug-rce https://viblo.asia/p/6J3ZgN8PKmB Version: = 8.4.2 Tested on: Ubuntu 18.04 + nginx + php 7.4...

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2...

CVE-2021-3129

CVE-2021-3129 affects Laravel Ignition (and Laravel < 8.4.2) where insecure use of file_get_contents()/file_put_contents in debug mode allows unauthenticated RCE. Exploitable versions: Laravel Ignition < 2.5.2 and Laravel

PT-2021-4652

Name of the Vulnerable Software and Affected Versions Laravel versions prior to 8.4.2 Ignition versions prior to 2.5.2 Description The issue is related to insecure usage of file get contents and file put contents in the Ignition library used by Laravel. This allows unauthenticated remote attacker...

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2. Recent assessments: ccondon-r7...

WordPress Easy WP SMTP Password Reset

Wordpress plugin Easy WP SMTP versions use auxiliary/scanner/http/wpeasywpsmtp msf auxiliarywpeasywpsmtp show actions ...actions... msf auxiliarywpeasywpsmtp set ACTION msf auxiliarywpeasywpsmtp show options ...show and set options... msf auxiliarywpeasywpsmtp run This module requires Metasploit:...

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2020-0082)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by multiple vulnerabilities: - Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2,...

PYSEC-2020-323

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

PT-2020-14279 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: The issue arises when determining the common dimensio...

Dropcontact: Django should not have debug mode enabled

We were displaying sensitive information...

Dropcontact: Registering with email [ +70 Chars ] Lead to Disclose some informations [Django Debug Mode ]

We were displaying / leaking sytems information in case of app crash...

Dropcontact: Django DEBUG mode enabled and leaked system information.

We were leaking / showing system information. Django DEBUG mode was enabled and showing some information on some errors.I just follow the errors and finally got some sensitive system information such as configuation ,API keys ,Database users ,System Directories,etc...

[SECURITY] [DLA 2327-1] lucene-solr security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2327-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 15, 2020 htps://wiki.debian.org/LTS -...

DEBIAN-CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

Information Exposure

Overview snyk-broker is a package that proxies access between snyk.io and your Git repositories, such as GitHub Enterprise, GitHub.com and Bitbucket Server. Snyk Broker can also be used to enable a secure connection with your on-premise Jira deployment. Affected versions of this package are...

Information Disclosure

docker is vulnerable to information disclosure. The vulnerability exists as debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes non external secrets. It potentially applies to other API users of the...

CVE-2020-11656

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement...