WordPress plugin HTTP Headers SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

EulerOS 2.0 SP9 : haproxy (EulerOS-SA-2023-1845)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka 'request...

Fixed in Apache Tomcat 9.0.75

Important: Information disclosure CVE-2023-34981 The fix for bug 66512 introduced a regression that was fixed as bug 66591. The regression meant that, if a response did not have any HTTP headers set, no AJP SENDHEADERS message would be sent which in turn meant that at least one AJP based proxy...

K000133759: Python vulnerability CVE-2020-26116

Security Advisory Description http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of...

EulerOS Virtualization 3.0.2.0 : grub2 (EulerOS-SA-2023-1722)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to...

File Thingie 2.5.7 - Remote Code Execution (RCE)

!/usr/bin/python Exploit Title: File Thingie 2.5.7 - Arbitary File Upload to RCE Google Dork: N/A Date: 27th of April, 2023 Exploit Author: Maurice Fielenbach grimlockx - Hexastrike Cybersecurity UG haftungsbeschränkt Software Link: https://github.com/leefish/filethingie Version: 2.5.7 Tested on:...

Denial Of Service (DoS)

traefik is vulnerable to Denial of Service DoS. The vulnerability exists in when parsing the HTTP headers that could allocate substantially more memory than required causing an application crash...

WordPress HTTP Headers Plugin < 1.18.8 is vulnerable to SQL Injection

Software HTTP Headers Type Plugin Vulnerable versions 1.18.8 Fixed in 1.18.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-1207 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 4e6306d4524c Credits qerogramat Kakao Style Corp. Required privilege...

HTTP Headers < 1.18.8 - Admin+ SQL Injection

This plugin has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. 1. Create an SQL file with the following contents: UPDATE wpoptions SET optionvalue = "Hacked" WHERE optionname = "blogname" 2. As an admin user within WP Admin, navigate...

HTTP Headers < 1.18.8 - Admin+ SQL Injection

This plugin has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. PoC 1. Create an SQL file with the following contents: UPDATE wpoptions SET optionvalue = "Hacked" WHERE optionname = "blogname" 2. As an admin user within WP Admin,...

Denial Of Service (DoS)

github.com/golang/go is vulnerable to Denial of Service DoS attacks. Unusual patterns of input data cause the upcomingHeaderNewlines function to parse HTTP and MIME headers which allocates more memory than required, causing the application to crash via memory exhaustion...

CVE-2023-29013 HTTP header parsing could cause a deny of service

Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This...

Containous Traefik 资源管理错误漏洞

Containous Traefik is a reverse proxy and load balancer from Containous Corporation. Containous Traefik suffers from a Resource Management Error vulnerability that occurs when GO allocates more memory when parsing HTTP headers than is required to save the parsed headers. An attacker could exploit...

haproxy: request smuggling attack in HTTP/1 header parsing

A flaw was found in HAProxy's headers processing that causes HAProxy to drop important headers fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. A maliciously crafted HTTP request could be used in an HTTP request smuggling attack to bypa...

GHSA-7HJ9-RV74-5G92 Traefik HTTP header parsing could cause a denial of service

Impact There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. References - CVE-2023-24534 Patches -...

Debian dla-3384 : libtomcat9-embed-java - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3384 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3384-1 [email protected]...

SUSE CVE-2023-24534

HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than requir...

[SECURITY] [DLA 3384-1] tomcat9 security update

Debian LTS Advisory DLA-3384-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 05, 2023 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.31-1deb10u8 CVE ID : CVE-2022-42252 CVE-2023-28708 Debian Bug : 1033475 Two security vulnerabilities have been...

Desktop Central 9.1.0 CRLF Injection / Server-Side Request Forgery

Exploit Title: Desktop Central 9.1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-02-14 Software Link : http://www.desktopcentral.com Tested Version: 9.1.0 Build No: 91084 Tested on: Windows 10 Vulnerability Type: CRLF injection CRLF - 1 CVSS v3: 6.1 CVSS vector:...

Waf-Bypass - Check Your WAF Before An Attacker Does

WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...