679 matches found
Oracle E-Business Suite/Oracle Forms RCE Vulnerability (Oct 2014) - Active Check
Oracle E-Business Suite/Oracle Forms is prone to a remote code execution (RCE) vulnerability in the Oracle Applications Technology Stack. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder...
[SECURITY] Fedora 20 Update: jakarta-commons-httpclient-3.1-15.fc20
The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...
[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19
The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...
SlowHTTPTest - Application Layer DoS attack simulator
SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. It works on majority of Linux platforms, OSX and Cygwin - a Unix-like environment and command-line interface for Microsoft Windows. It implements most common low-bandwidth Application Layer...
CuteNews <= 1.4.0 (shell inject) Remote Command Execution Exploit
No description provided by source. ?php cutenxpl.php CuteNews 1.4.0 (possibly prior versions) remote code execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with this script:...
Quicktime Player <= 7.3.1.70 (rtsp) Buffer Overflow Vulnerability
No description provided by source. Luigi Auriemma Application: Quicktime Player http://www.apple.com/quicktime Versions: <= 7.3.1.70 Platforms: Windows and Mac Bug: buffer-overflow Exploitation: remote Date: 10 Jan 2008 Thanx to: swirl for the help during the re-testing of the bug Author: Luigi...
PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit
No description provided by source. / script name : phpwebquest script version : 2.5 script website : http://phpwebquest.org Bug Finder : D4realTeaM 'unkn0wnX','n3t-mapper','ToxiC350'; injected file : webquest/soportederechaw.php Variable : idactividad Contact : n3t-mapp3r At hotmail dot com,is14m...
Sambar Server 4.3/4.4 beta 3 Search CGI Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1684/info The Sambar Server was created to test a three-tier communication infrastructure modeled after the Sybase Open Client/Open Server. Soon thereafter, the idea of leveraging the infrastructure for dynamic delivery o...
Automattic: Serving Transitions From: HTTP Protocol (not secure)
Dear Sir, I've noticed from your source code that you are using HTTP Protocol, and that will make insecure served for data transition. We will give the attacker a chance for "MIMT" man in the middle attack as you know that the name of the attack itself explains the steps. -check the source code of...
PHPBTTracker+ 2.2 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PHPBTTracker+ 2.2 SQL Injection Date: May 13th, 2014 Exploit Author: BackBox Team Vendor Homepage: http://phpbttrkplus.sourceforge.net/ Software Link: http://sourceforge.net/projects/phpbttrkplus/files/ Version: PHPBTTracker+ 2....
Fedora 20 : libgadu-1.12.0-0.3.rc2.fc20 (2014-2391)
Security vulnerability fix in HTTP protocol handling. A specially crafted server reply may cause memory overwrite and arbitrary code execution. CVE-2013-6487. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Accept Answer URL should be idempotent and accept PUT or POST requests only
Answers currently uses a single URL to both accept and un-accept answers: $baseurl/acceptanswer/$answerid. If this URL is requested and the answer in question is currently un-accepted, its state will be changed to accepted. If the answer in question is already accepted, it will...
Accept Answer URL should be idempotent and accept PUT or POST requests only
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-46610. Answers currently uses a single URL to both accept and un-accept answers: $baseurl/acceptanswer/$answerid...
Accept Answer URL should be idempotent and accept PUT or POST requests only
NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report: http://jira.atlassian.com/browse/CONFSERVER-46610. Answers currently uses a single URL to both accept and un-accept answers: $baseurl/acceptanswer/$answeri...
Juniper Junos SRX Series flowd Remote DoS (JSA10611)
According to its self-reported version number, the remote Juniper Junos SRX series device is affected by a denial of service vulnerability in the flow daemon (flowd) when handling certain valid HTTP protocol messages. A remote attacker can exploit this to crash the device. Note that this issue only...
Juniper Networks Junos OS Denial of Service Vulnerability while Processing HTTP Traffic
Denial of Service vulnerability in flowd while processing valid HTTP traffic. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle Supply Chain Products Suite - Remote Security
source: https://www.securityfocus.com/bid/64836/info Oracle Supply Chain Products Suite is prone to a remote vulnerability in Oracle Demantra Demand Management. The vulnerability can be exploited over the 'HTTP' protocol. The 'DM Others' sub component is affected. Attackers can exploit this issue...
Oracle Supply Chain Products Suite - Remote Security
Oracle Supply Chain Products Suite - Remote Security source: https://www.securityfocus.com/bid/64836/info Oracle Supply Chain Products Suite is prone to a remote vulnerability in Oracle Demantra Demand Management. The vulnerability can be exploited over the 'HTTP' protocol. The 'DM Others' sub...
Analysis under Windows platform Android app caught mining vulnerability method-vulnerability warning-the black bar safety net
0x01 A general idea In Android 75% of the market share, all kinds of Android application layer not poor, the attendant is the wave of the vulnerability. In various markets, feel free to flip it, are almost always connected to the network application, which in to the user experience but also t...