EUVD-2023-42127

Malicious code in bioql PyPI...

CVE-2023-38308

An issue was discovered in Webmin 2.021. A Cross-Site Scripting XSS vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitra...

Webmin < 2.100 Multiple Vulnerabilities

According to its self-reported version, the Webmin install hosted on the remote host is prior to 2.100. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability exists in the Users Real name parameter. - A Cross-Site Scripting XSS vulnerability exists in...

CVE-2023-38308

An issue was discovered in Webmin 2.021. A Cross-Site Scripting XSS vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitra...

CVE-2023-38308

An issue was discovered in Webmin 2.021. A Cross-Site Scripting XSS vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitra...

Cross site scripting

An issue was discovered in Webmin 2.021. A Cross-Site Scripting XSS vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitra...

PT-2023-4155 · Webmin +1 · Webmin +1

Name of the Vulnerable Software and Affected Versions: Webmin version 2.021 Description: A Cross-Site Scripting XSS issue was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious...

CVE-2023-38308

CVE-2023-38308 affects Webmin 2.021, with a Cross-Site Scripting (XSS) vulnerability in the HTTP Tunnel feature when handling third-party domain URLs. By supplying a crafted URL from a third-party domain, an attacker can inject arbitrary JavaScript to execute in the victim’s browser context. Seve...

CVE-2023-38308

An issue was discovered in Webmin 2.021. A Cross-Site Scripting XSS vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitra...

MGASA-2022-0272 Updated webmin packages fix security vulnerability

The webmin package has been updated to version 1.998, fixing XSS issues in the HTTP Tunnel and Read Mail modules, along with several other bugs...

ABPTTS - TCP Tunneling Over HTTP/HTTPS For Web Application Servers

A Black Path Toward The Sun TCP tunneling over HTTP for web application servers https://www.blackhat.com/us-16/arsenal.htmla-black-path-toward-the-sun Ben Lincoln, NCC Group, 2016 ABPTTS uses a Python client script and a web application server page/package1 to tunnel TCP traffic over an HTTP/HTTP...

Tunna - Set Of Tools Which Will Wrap And Tunnel Any TCP Communication Over HTTP

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. SUMMARY TLDR: Tunnels TCP connections over HTTP In a fully firewalled inbound and outbound connections restricted - except the...

UBUNTU-CVE-2017-6472

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value...

Reflective DLL Injection, Windows Reverse HTTP Stager (wininet)

Inject a DLL via a reflective loader. Tunnel communication over HTTP Windows wininet This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 444 include Msf::Payload::Stager include...

Another to bypass the firewall method-vulnerability warning-the black bar safety net

Using the Http channel software can break through the firewall restrictions, the use of only Http access permissions access to other Internet applications. So what is the channel? Here the so-called channel refers to a method to bypass the firewall port shield means of communication. The firewall...

How to make tcp packets and udp packets penetrating the network firewall-vulnerability warning-the black bar safety net

Through this article httptunnel technology At the same time escaped the firewall shield, as well as the system's tracking test, we can see the network Safety relying only on some or a few of the means are unreliable, while the security system of blind dependence tends to create huge security risk...

Do not think that the installation of a firewall,I political don't you-vulnerability warning-the black bar safety net

How to make tcp packets and udp packets through the firewall by this article httptunnel technology At the same time escaped the firewall shield, as well as the system's tracking test, we can seeNetworksafe to rely only on some or a few of the means are unreliable, while the security system of bli...