WordPress 5.2.3 - Cross-Site Host Modification Exploit

Exploit for php platform in category web applications !/usr/bin/perl -w Wordpress Type: Remote Risk: High Solution: Set security headers to web server and no-cache for Cache-Control Simple Attack Scenarios: o This attack can bypass Simple WAF to access restricted content on the web server,...

Puppet Information Disclosure Vulnerability (CNVD-2017-38115)

Puppet is the United States Puppet Labs a set of client/server C / S architecture based configuration management tools . The tool can be used to manage configuration files , users, cron tasks, packages, system services and so on. An information disclosure vulnerability exists in the default vhost...

UBUNTU-CVE-2014-3250

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...

DEBIAN-CVE-2014-3250

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...