8 matches found
http-protection security vulnerabilities
http-protection is a network attack protection library developed by Rogério Zambon. Version 0.2.0 of http-protection contains security vulnerabilities; these vulnerabilities stem from IP spoofing, which may allow attackers to bypass the protected middleware and gain unauthorized access...
CVE-2023-27588 Unauthenticated path traversal vulnerability in Hasura GraphQL Engine
Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted Hasura Projects...
Cisco IOS XE 数据伪造问题漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE Software suffers from a Data Forgery Issue vulnerability that stems from...
Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass
Crystal Shard http-protection version 0.2.0 suffers from an IP spoofing bypass vulnerability. Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Date : 2020-05-28 Product : http-protection Crystal Shard Product URI :...
Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Vulnerability
Exploit for multiple platform in category web applications Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Product : http-protection Crystal Shard Product URI : https://github.com/rogeriozambon/http-protection Version :...
Crystal Shard http-protection 0.2.0 IP Spoofing Bypass
Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Date : 2020-05-28 Product : http-protection Crystal Shard Product URI : https://github.com/rogeriozambon/http-protection Version : http-protection = 0.2.0 CVE : N/A About the product...
Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass
Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Date : 2020-05-28 Product : http-protection Crystal Shard Product URI : https://github.com/rogeriozambon/http-protection Version : http-protection = 0.2.0 CVE : N/A About the product...
CVE-2017-7323
The 1 update and 2 package-installation features in MODX Revolution 2.5.4-pl and earlier use http://rest.modx.com by default, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code by leveraging the lack of the HTTPS protection mechanism...