21 matches found
📄 Metasploit Web Delivery PHP Proof of Concept
This project presents an advanced proof of concept that emulates the behavior of Metasploit's multi/script/webdelivery module using PHP. The goal is to demonstrate how script-based payload delivery works in a modular and extensible way, without relying directly on Metasploit. The script launches ...
EUVD-2025-1991
Malicious code in bioql PyPI...
The vulnerability of the Product Delivery Service component of the software for collecting, analyzing, and visualizing meteorological data, Visual Weather, and related products such as NAMIS, Aero Weather, and Satellite Weather, allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of the Product Delivery Service component of the software for collecting, analyzing, and visualizing meteorological data Visual Weather and related products such as NAMIS and Aero Weather lies in insufficient validation of input data. Exploiting this vulnerability could allow an...
@dm3-org/delivery-service (>=1.4.0 <=1.7.1), @dm3-org/dm3-backend (>=1.0.1 <=1.7.1) +18 more potentially affected by unknown CVE via @dm3-org/dm3-lib-shared (=1.7.2)
@dm3-org/dm3-lib-shared NPM version =1.7.2 is affected by a known vulnerability. The following packages have a transitive dependency on @dm3-org/dm3-lib-shared and may be impacted: - @dm3-org/delivery-service =1.4.0, =1.0.1, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =0.0.1-alpha1, =1.0.5, =1.4.0,...
CVE-2025-1077
CVE-2025-1077 affects IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather) via the Product Delivery Service (PDS) when the PDS pipeline uses the IPDS pipeline with Message Editor Output Filters enabled. The vulnerability allows a remote, unauthenti...
delivery-service-systems.de Cross Site Scripting vulnerability OBB-3620045
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-4839 · D Link · D-Link Dap-2622
Name of the Vulnerable Software and Affected Versions: D-Link DAP-2622 affected versions not specified Description: The issue is related to a buffer overflow in the DDP service of the D-Link DAP-2622 wireless access point firmware. This can be exploited by a remote attacker to execute arbitrary...
OpenStack Image Registry and Delivery Service (Glance) Improper Input Validation vulnerability
The Sheepdog backend in OpenStack Image Registry and Delivery Service Glance 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location...
delivery-service-systems.de Cross Site Scripting vulnerability OBB-2320052
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cloudflare Isn't Liable for Sites That Hawk Counterfeits
A federal judge ruled that the content-delivery service doesn't "contribute" to copyright infringement...
"You cannot logon to the specified server" error when login to Storefront server.
Only certain users cannot log on to storefront. Following events can be seen on the storefront server : Security events logs : Event 4625, Microsoft Window security auditing Failure Information : Failure Reason : User not allowed to logon at this computer. Status : 0xC000006E Citrix Delivery...
Computing at the Edge
Welcome to the Akamai October 2020 Update - a week of product updates, new features, and innovations. We'll be highlighting a different area of our portfolio each day this week. In today's post, we look at our enhanced edge computing capabilities and how they help developers more effectively and...
Google funded delivery service Dunzo hacked; 11GB worth of data leaked
By Waqas The exact date of Dunzo data breach is unclear however its database was leaked last week. This is a post from HackRead.com Read the original post: Google funded delivery service Dunzo hacked; 11GB worth of data leaked...
Amazon Promises Fix to Stop Key Service Hack
Researchers at Rhino Security Labs identified a flaw in Amazon’s Key delivery service and Cloud Cam security camera that allows a rogue courier to tamper with the camera and knock it offline, making it appear no one is entering home, when that’s not the case. Amazon Key service allows homeowners ...
OpenStack Image Registry Delivery Service Arbitrary File Manipulation Vulnerability
The OpenStack Image Registry Delivery Service is an OpenStack project that stores, queries, and retrieves virtual machine images. An arbitrary file manipulation vulnerability exists in OpenStack Image Registry Delivery Service versions prior to 2014.1.4, and 2014.2.x versions prior to 2014.2.2,...
CVE-2015-1195
The CVE-2015-1195 issue concerns OpenStack Image Registry Delivery Service (Glance) V2 API where versions prior to 2014.1.4 and 2014.2.x prior to 2014.2.2 allow an authenticated remote user to read or delete arbitrary files via a full pathname in a filesystem:// URL in the image location property...
PT-2014-3508 · Openstack · Openstack Image Registry/Delivery Service
Name of the Vulnerable Software and Affected Versions: OpenStack Image Registry and Delivery Service Glance versions 2013.2 before 2013.2.4 OpenStack Image Registry and Delivery Service Glance versions icehouse before icehouse-rc2 Description: The issue allows remote authenticated users with...
CVE-2014-0162
The Sheepdog backend in OpenStack Image Registry and Delivery Service Glance 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location...
CVE-2013-4354
The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...
CVE-2013-4428
CVE-2013-4428 affects the OpenStack Image Registry and Delivery Service (Glance) in the Folsom/Grizzly line before 2013.1.4 and Havana before 2013.2. The issue is a flaw in the download_image policy enforcement for cached system images: after an image is cached by an authorized download, any auth...