CVE-2015-0251

CVE-2015-0251 affects Subversion’s mod_dav_svn server. The vulnerability arises from improper handling of the svn:author property in crafted v1 HTTP protocol request sequences, allowing remote authenticated users to spoof author information. Affected products/versions include Subversion 1.5.0–1.7...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

CVE-2015-0251

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

Apache Axis2 Web Services Detection (HTTP)

HTTP based detection of Apache Axis2 Web Services. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: Reworked detection methods / pattern / code since 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

[SECURITY] Fedora 20 Update: libhtp-0.5.6-3.fc20

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

wdcp X-Forwarded-For injected vulnerability analysis-vulnerability warning-the black bar safety net

Originally this article want and on the article written together, but because of Bad typography will further write this post. 1 3 years of vulnerability, the Internet also does not have this vulnerability details this vulnerability to use the tool, so hold learning mentality, try to analyze it. 0...

http-wordpress-users NSE Script

Enumerates usernames in Wordpress blog/CMS installations by exploiting an information disclosure vulnerability existing in versions 2.6, 3.1, 3.1.1, 3.1.3 and 3.2-beta2 and possibly others. Original advisory: Script Arguments http-wordpress-users.out If set it saves the username list in this file...

[SECURITY] Fedora 20 Update: libhtp-0.5.6-2.fc20

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

[SECURITY] Fedora 21 Update: libhtp-0.5.16-1.fc21

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

NetDecision-Dashboard-1.0

Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netmechanica.com Advisory : http://secpod.org/blog/?p=478 http://secpod.org/advisories/SecPodNetmechanicaNetDecisionDashboardServerInfoDiscVuln.txt...

WebsiteBaker 2.8.3 - Multiple Vulnerabilities

============================================= MGC ALERT 2014-004 - Original release date: March 11, 2014 - Last revised: November 18, 2014 - Discovered by: Manuel Garcia Cardenas - Severity: 10/10 CVSS Base Score ============================================= I. VULNERABILITY...

Oracle E-Business Suite/Oracle Forms RCE Vulnerability (Oct 2014) - Active Check

Oracle E-Business Suite/Oracle Forms is prone to a remote code execution RCE vulnerability in the Oracle Applications Technology Stack. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

Piwigo 2.6.0 - picture.php?rate SQL Injection

Piwigo 2.6.0 - picture.php?rate SQL Injection ============================================= MGC ALERT 2014-001 - Original release date: January 12, 2014 - Last revised: November 12, 2014 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score...

[SECURITY] Fedora 20 Update: jakarta-commons-httpclient-3.1-15.fc20

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

SlowHTTPTest - Application Layer DoS attack simulator

SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. It works on majority of Linux platforms, OSX and Cygwin - a Unix-like environment and command-line interface for Microsoft Windows. It implements most common low-bandwidth Application Layer...

PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit

No description provided by source. / script name : phpwebquest script version : 2.5 script website : http://phpwebquest.org Bug Finder : D4realTeaM 'unkn0wnX','n3t-mapper','ToxiC350'; injected file : webquest/soportederechaw.php Variable : idactividad Contact : n3t-mapp3r At hotmail dot com,is14m...

Quicktime Player <= 7.3.1.70 (rtsp) Buffer Overflow Vulnerability

No description provided by source. Luigi Auriemma Application: Quicktime Player http://www.apple.com/quicktime Versions: = 7.3.1.70 Platforms: Windows and Mac Bug: buffer-overflow Exploitation: remote Date: 10 Jan 2008 Thanx to: swirl for the help during the re-testing of the bug Author: Luigi...

Sambar Server 4.3/4.4 beta 3 Search CGI Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1684/info The Sambar Server was created to test a three-tier communication infrastructure modeled after the Sybase Open Client/Open Server. Soon thereafter, the idea of leveraging the infrastructure for dynamic delivery o...