
3712 matches found

CVE
added 2021/01/08 7:10 p.m. | 88 views

CVE-2020-5019

CVE-2020-5019 affects IBM Spectrum Protect Plus 10.1.0–10.1.6. The vulnerability is an HTTP header injection caused by improper validation of the Host header, which an attacker can exploit by sending a crafted HTTP request to inject the Host header and trigger attacks such as cross-site scripting...

CVSS 6.5 | AI score 6.4 | EPSS 0.01322
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2021/01/08 12:00 a.m. | 4 views

IBM Spectrum Protect and IBM Spectrum Protect Plus Injection Vulnerability

IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. An HTTP header injection vulnerability exists in IBM Spectrum Protect Plus 10.1.0 - 10.1.6. The vulnerability...

CVSS 6.5 | AI score 6.5 | EPSS 0.01322
Exploits: 0 | References: 4

IBM Security Bulletins
added 2021/01/07 10:47 p.m. | 26 views

Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-5017, CVE-2020-5018, CVE-2020-5019, CVE-2020-5020, CVE-2020-5021, CVE-2020-5022)

Summary IBM Spectrum Protect Plus is vulnerable to exposure of sensitive data, clickjacking, HTTP header injection, failure to invalidate sessions, and unauthorized access to information. Vulnerability Details CVEID: CVE-2020-5018 DESCRIPTION: IBM Spectrum Protect Plus may include sensitive...

CVSS 7.5 | AI score 0.7 | EPSS 0.01322
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2021/01/06 2:52 p.m. | 48 views

CVE-2020-17518

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

CVSS 7.5 | AI score 3 | EPSS 0.52332
Exploits: 1 | References: 3

Veracode
added 2021/01/06 6:15 a.m. | 27 views

Arbitrary File Write

flink-runtime is vulnerable to arbitrary file write. The vulnerability exists as files can be written to any accessible location through the modified value of HTTP HEADER...

CVSS 7.5 | AI score 0.9 | EPSS 0.52332
Exploits: 1 | References: 49 | Affected Software: 2

OSV
added 2021/01/05 12:15 p.m. | 27 views

CVE-2020-17518

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

CVSS 7.5 | AI score 7
Exploits: 0 | References: 24

OSV
added 2021/01/02 6:15 a.m. | 6 views

AZL-44148 CVE-2020-28852 affecting package buildah for versions less than 1.41.4-2

In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. x/text/language is supposed to be able to parse an HTTP Accept-Language header...

CVSS 7.5 | AI score 7.1 | EPSS 0.01674
Exploits: 1 | References: 1

Prion
added 2021/01/02 6:15 a.m. | 26 views

Out-of-bounds

In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. x/text/language is supposed to be able to parse an HTTP Accept-Language header...

CVSS 5 | AI score 7.2 | EPSS 0.01674
Exploits: 1 | References: 2 | Affected Software: 1

Hacker One
added 2021/01/01 4:01 a.m. | 380 views

MTN Group: Reflected XSS on gamesclub.mtn.com.g

hello dear I have found Reflected XSS on gamesclub.mtn.com.g parameters injectable /header.aspx my payload "; HTTP Header input Referer was set to https://www.google.com/search?hl=en&q=testing'"&%gQmT9082 HTTP request =========== GET /header.aspx HTTP/1.1 Host: gamesclub.mtn.com.gh...

AI score 0.1
Exploits: 0

Prion
added 2020/12/30 7:15 p.m. | 12 views

Cross site scripting

Sentrifugo 3.2 allows Stored Cross-Site Scripting XSS vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by...

CVSS 4.3 | AI score 5.8 | EPSS 0.0069
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2020/12/30 6:17 p.m. | 50 views

CVE-2020-28365

CVE-2020-28365 affects Sentrifugo 3.2. A stored XSS can be triggered by inserting a payload into the X-Forwarded-For header during login; when an administrator views logs, the payload is executed. Several connected sources corroborate that this vulnerability originates in the login flow and is re...

CVSS 6.1 | AI score 5.7 | EPSS 0.0069
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2020/12/30 6:17 p.m. | 11 views

CVE-2020-28365

Sentrifugo 3.2 allows Stored Cross-Site Scripting XSS vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by...

AI score 5.8 | EPSS 0.0069
Exploits: 0 | References: 2

Tenable Nessus
added 2020/12/29 12:00 a.m. | 62 views

Pivotal RabbitMQ 3.7.x < 3.7.21 / 3.8.x < 3.8.1 Denial of Service

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The 'X-Reason' HTTP Header can be...

CVSS 7.5 | AI score 5.7 | EPSS 0.04519
Exploits: 1 | References: 3

Tenable Nessus
added 2020/12/24 12:00 a.m. | 52 views

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:3930-1)

This update for python3 fixes the following issues : Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. Change setuptools and pip version numbers according to new wheels Handful of changes to make python36 compatible with SLE15 and SLE1...

CVSS 9.8 | AI score 6.8 | EPSS 0.20743
Exploits: 4 | References: 25

Exploit DB
added 2020/12/21 12:00 a.m. | 573 views

Spiceworks 7.5 - HTTP Header Injection

Exploit Title: Spiceworks 7.5 - HTTP Header Injection Google Dork: inurl:/prousers/login Discovered Date: 15/09/2020 Exploit Author: Ramikan Vendor Homepage: https://www.spiceworks.com Affected Version: 7.5.7.0 may be others. Tested On Version: 7.5.7.0 CVE : CVE-2020-25901 Vulnerability: Host...

CVSS 6.1 | AI score 6.4 | EPSS 0.0508
Exploits: 3

Packet Storm
added 2020/12/19 12:00 a.m. | 365 views

Spiceworks 7.5 HTTP Header Injection

Exploit Title: Spiceworks 7.5 - HTTP Header Injection Google Dork: inurl:/prousers/login Discovered Date: 15/09/2020 Exploit Author: Ramikan Vendor Homepage: https://www.spiceworks.com Affected Version: 7.5.7.0 may be others. Tested On Version: 7.5.7.0 CVE : CVE-2020-25901 Vulnerability: Host...

AI score 0.1 | EPSS 0.0508
Exploits: 3

Tenable Nessus
added 2020/12/18 12:00 a.m. | 229 views

Amazon Linux AMI : tomcat7 (ALAS-2020-1472) (deprecated)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1472 advisory. - In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approa...

AI score 7.9 | EPSS 0.09386
Exploits: 0 | References: 3

BDU FSTEC
added 2020/12/18 12:00 a.m. | 2 views

The vulnerability of the Node.js software platform is related to an error in handling HTTP headers, which allows attackers to trigger a service failure.

The vulnerability of the Node.js software platform is related to an error in handling HTTP header names. Exploiting this vulnerability can allow a remote attacker to cause service failures...

CVSS 7.5 | AI score 6.5 | EPSS 0.08794
Exploits: 0 | References: 9 | Affected Software: 3

Amazon
added 2020/12/16 8:51 p.m. | 44 views

Low: tomcat7

Issue Overview: A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that...

CVSS 5.8 | AI score 1.2 | EPSS 0.09386
Exploits: 0

Zero Day Initiative
added 2020/12/15 12:00 a.m. | 18 views

(0Day) D-Link DCS-960L HTTP Authorization Header Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-960L Wi-Fi cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server, which listens on TCP port 80 by default. A...

CVSS 8.8 | AI score 1.7
Exploits: 0