7 matches found
Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...
schema security vulnerability
schema is a library from gorilla open source. Converts structures to and from form values. A security vulnerability exists in schema versions prior to 1.4.1, which stems from vulnerability to a memory exhaustion vulnerability...
CVE-2023-52431
The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie if signed cookies are disabled...
Cross site request forgery (csrf)
The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie if signed cookies are disabled...
CVE-2023-52431
The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie if signed cookies are disabled...
PT-2023-9029 · Golang +10 · Golang +10
Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: The issue is related to the consumption of large amounts of CPU and memory when processing form inputs containing a large number of parts. This can be caused by several factors, including th...
Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
The vulnerability allows remote unauthenticated attackers to force the IIS server to become unresponsive until the IIS service is restarted manually by the administrator. Required is that Active Server Pages are hosted by the IIS and that an ASP script reads out a Post Form value. This module...