10096 matches found
NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2019-0027)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a vulnerability: - In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafte...
SET v8.0.1 - The Social-Engineer Toolkit
Copyright 2019 The Social-Engineer Toolkit SET Written by: David Kennedy ReL1K Company: TrustedSec DISCLAIMER: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period. Please read the LICENSE under readme/LICENSE for...
CVE-2018-20894
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories SEC-443...
Design/Logic Flaw
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories SEC-443...
CVE-2018-20894
CVE-2018-20894 affects cPanel prior to 74.0.0, where website contents can be exposed to other local users via Git repositories. Root cause: misconfiguration in Git repositories used by the web-site content handling allows local users to access content that should be restricted. Impact: partial co...
WeebDNS - DNS Enumeration With Asynchronicity
DNS Enumeration Tool with Asynchronicity. Features WeebDNS is an 'Asynchronous' DNS Enumeration Tool made with Python3 which makes it much faster than normal Tools. PREREQUISITES Python 3.x pip3 git PYTHON 3 PREREQUISITES aiohttp asyncio aiodns Installation Resolve dependencies Ubuntu/Debian Syste...
GitLab: Git flag injection - local file overwrite to remote code execution
Summary The wikiblobs scope of the Search API can be provided with an arbitrary ref parameter, allowing for additional flags to be injected into the git command. For example the following API call: curl --header "PRIVATE-TOKEN: $TOKEN"...
Arbitrary File Reads And Writes
github.com/b3log/wide is vulnerable to many arbitrary file read and write attacks. The attacker can launch three types of attacks: (1) writing arbitrary code in the editor and running three times for read access to arbitrary files. (2) creating a symlink for a ZIP archive to trigger an arbitrary file...
CVE-2019-13915
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
Design/Logic Flaw
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
CVE-2019-13915
CVE-2019-13915 : In b3log Wide, prior to version 1.6.0, three attack types enable arbitrary file read/write. 1) An attacker can insert and run code in the editor about three times to read an arbitrary file. 2) An attacker can create a symlink and place it in a ZIP archive; an unzip operation gran...
PT-2019-13474 · B3Log · B3Log Wide
Name of the Vulnerable Software and Affected Versions: b3log Wide versions prior to 1.6.0 Description: The issue allows an attacker to access arbitrary files through three types of attacks. First, an attacker can write and execute code in the editor to read arbitrary files. Second, an attacker ca...
Passpie - Multiplatform Command-Line Password Manager
Passpie is a command line tool to manage passwords from the terminal with a colorful and configurable interface. Use a master passphrase to decrypt login credentials, copy passwords to clipboard, synchronize with a git repository, check the state of your passwords, and more. Password files are...
Security update for helm (moderate)
openSUSE Security Update: Security update for helm Announcement ID: openSUSE-SU-2019:1703-1 Rating: moderate References: 1118897 1118898 1118899 Cross-References: CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes thr...
CVE-2019-1010315
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig dsdiff.c:282. The attack vector is: Maliciously crafted .wav file. The fixed...
Fbchecker - Facebook Mass Account Checker
Facebook Mass Account Checker Simple Installation : apt install git apt install php git clone https://github.com/fdciabdul/fbchecker cd fbchecker php fbcheck.php Usage php fbcheck.php target.txt Download Fbchecker...