EUVD-2000-0926

Malware in sbrugna...

CVE-2023-38314

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a NULL pointer dereference in preauthenticated that can be triggered with a crafted GET HTTP request with a missing redirect query string parameter. Triggering this issue results in crashing OpenNDS a Denial-of-Servic...

CVE-2023-38313

An issue was discovered in OpenNDS Captive Portal before 10.1.2. it has a dobinauth NULL pointer dereference that can be triggered with a crafted GET HTTP request with a missing client redirect query string parameter. Triggering this issue results in crashing openNDS a Denial-of-Service condition...

xss by swf file

In confluence comment module user can embed swf file in their comment, confluence are using a atltoken parameter on GET HTTP request, if the attacker send the link of .swf file the value of src on embed tag to his victim the malicious .SWF won't execute on the victim's browser . We can bypass thi...

CVE-2000-0920

Boa Web Server prior to 0.94.8.3 is affected by a directory traversal vulnerability (CVE-2000-0920) that lets remote attackers read arbitrary files by using a modified .. path with encoded dot characters (%2E) in GET requests. Root cause: improper handling of path traversal in Boa’s file access. ...

CVE-2000-0939

CVE-2000-0939 affects Samba’s Web Administration Tool (SWAT) shipped with Samba 2.0.7. The issue allows a remote attacker over the network to trigger a denial-of-service by repeatedly sending a nonstandard URL in the GET HTTP request, forcing SWAT to restart. Connected sources corroborate SWAT ex...