
3709 matches found

OpenVAS
added 2015/02/11 12:00 a.m. | 28 views

Fortinet FortiWeb Multiple Vulnerabilities (FG-IR-13-009)

Fortinet FortiWeb is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:fortinet:fortiweb"; if...

CVSS 6.5 | AI score 5.1 | EPSS 0.01516
Exploits 0 | References 2
CNVD
added 2015/01/29 12:00 a.m. | 5 views

Pivotal Software management plugin CRLF injection vulnerability

RabbitMQ, from Pivotal Software, is an open-source message broker that implements the Advanced Message Queuing Protocol (AMQP). The management plugin is one of its plug-ins. A CRLF injection vulnerability exists in the management plugin for...

CVSS 5 | AI score 7.4 | EPSS 0.02622
Exploits 0 | References 1
Packet Storm
added 2015/01/25 12:00 a.m. | 31 views

OpenSchool Community Edition 2.2 XSS / Access Bypass

Exploit Title: OpenSchool Community Edition version 2.2 Multiple Vulnerabilities
Date: 25 January 2015
Exploit Author: Mahendra
Vendor Homepage: www.open-school.org
Software Link: http://sourceforge.net/projects/fiyo-cms/
Full version demo: http://www.tryopenschool.com
Version: 2.2
Tested: Kali...

CVSS 5.2 | AI score 0.7 | EPSS 0.01372
Exploits 4
Hacker One
added 2015/01/24 2:36 p.m. | 32 views

Square: HTTP Header revealing server information.

Hi Square,
- Vulnerability Class: OWASP A5: Security Misconfiguration
- Proof of Concept:
nc 74.122.190.83 80
GET / HTTP/1.1
host:1.1.1.1

HTTP/1.1 301 Moved Permanently
Transfer-Encoding: chunked
Connection: keep-alive
Status: 301 Moved Permanently
Location: https://squareup.com/
X-Powered-By:...

AI score 6.6
Exploits 0
ThreatPost
added 2015/01/21 12:57 p.m. | 6 views

Firefox Meta Referrer A Move Toward Browser Privacy

The HTTP Referer header is a marketer’s dream, and a privacy nightmare all in one. The header contains tracking information that organizations can use for statistical traffic analysis and naturally to promote services to the right audience. It started out by including just the last page the user...

AI score 7
Exploits 0 | References 3
Tenable Nessus
added 2015/01/20 12:00 a.m. | 26 views

ALCASAR 'index.php' Crafted HTTP Header RCE

The ALCASAR network access controller hosted on the remote web server is affected by a remote code execution vulnerability due to not properly sanitizing user-supplied input to the 'host' HTTP header passed to the 'index.php' script. A remote, unauthenticated attacker can exploit this issue to...

AI score 6.8
Exploits 0 | References 2
NVD
added 2015/01/16 4:59 p.m. | 28 views

CVE-2015-0219

Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an underscore character instead of a dash (-) character in an HTTP header name, as demonstrated by an X-AuthUser header...

CVSS 5 | AI score 6.3 | EPSS 0.06783
Exploits 1 | References 13
CVE
added 2015/01/16 4:00 p.m. | 105 views

CVE-2015-0219

CVE-2015-0219 affects Django: WSGI headers can be spoofed when an underscore is used instead of a dash in HTTP header names (e.g., X-Auth_User). Affected versions are Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3. The root cause is unclear from the provided initial document, b...

CVSS 5 | AI score 6.3 | EPSS 0.06783
Exploits 1 | References 13 | Affected Software 1
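The two CVE-2015-0219 entries above describe the header-name collision but not why it exists. The following added example, which is not Django's code, reproduces the CGI/WSGI normalisation rule (upper-case, dash to underscore, HTTP_ prefix) that makes X-Auth-User and X-Auth_User land on the same environ key, and applies the mitigation the Django release notes describe for its development server: drop any client header whose raw name contains an underscore. The reverse proxy, the application, the header name X-Auth-User and the usernames are assumptions constructed for the scenario.

```python
"""Added example (not Django's code): the CGI/WSGI header-name normalisation
behind CVE-2015-0219 and the 'strip headers containing underscores' fix.
The proxy, the app and the X-Auth-User header are a constructed scenario."""

TRUSTED_HEADER = "X-Auth-User"   # assumption: a front proxy sets this after authenticating


def wsgi_environ_key(header_name: str) -> str:
    """CGI/WSGI rule: upper-case, '-' -> '_', prefix HTTP_. The replacement is
    one-way, so a dashed and an underscored spelling collide on the same key."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def build_environ(headers, drop_underscore_names=False):
    """Fold (name, value) request headers into a WSGI-style environ.
    Duplicate keys are joined with ', ' as RFC 3875 requires for CGI.
    drop_underscore_names=True is the mitigation: a header whose raw name
    contains '_' is discarded before it can alias a dashed name."""
    environ = {}
    for name, value in headers:
        if drop_underscore_names and "_" in name:
            continue
        key = wsgi_environ_key(name)
        environ[key] = value if key not in environ else environ[key] + ", " + value
    return environ


def proxy_forward(client_headers, authenticated_user):
    """Constructed reverse proxy: strips the client's copy of the trusted
    header by exact (case-insensitive) name, then appends its own value.
    The exact-name match is the gap: 'X-Auth_User' passes straight through."""
    forwarded = [(n, v) for n, v in client_headers
                 if n.lower() != TRUSTED_HEADER.lower()]
    forwarded.append((TRUSTED_HEADER, authenticated_user))
    return forwarded


def user_seen_by_app(environ):
    """The app reads the proxy's assertion from the environ (request.META in Django)."""
    return environ.get(wsgi_environ_key(TRUSTED_HEADER))


def run_scenario(fixed: bool) -> str:
    """Attacker sends the underscore spelling; the proxy authenticates them
    as 'alice'. Returns the identity the app actually sees."""
    client_headers = [("Host", "app.example"), ("X-Auth_User", "admin")]
    forwarded = proxy_forward(client_headers, authenticated_user="alice")
    return user_seen_by_app(build_environ(forwarded, drop_underscore_names=fixed))


if __name__ == "__main__":
    print(wsgi_environ_key("X-Auth-User"), "==", wsgi_environ_key("X-Auth_User"))
    print("unfixed:", run_scenario(fixed=False))   # 'admin, alice'
    print("fixed:  ", run_scenario(fixed=True))    # 'alice'
```

Whether the joined value is "admin, alice", "alice" overwritten by "admin", or the reverse depends on the server; the point is that the trusted value is tainted unless underscored names are dropped before normalisation. Production servers commonly do this already (nginx keeps `underscores_in_headers off` by default), which is why the Django fix targeted its own development server.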
Prion
added 2015/01/16 3:59 p.m. | 15 views

Open redirect

Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header...

CVSS 5.8 | AI score 7.1 | EPSS 0.04398
Exploits 2 | References 5 | Affected Software 1
Packet Storm
added 2015/01/14 12:00 a.m. | 36 views

Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection

Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection Overview Sierra Wireless produces a mobile wi-fi hotspot device that is popular amongst telecommunication companies for re-branding to suit local markets. The AirCard 760S/762S/763S Web-based Administrative Console suffers from ...

AI score 0.3
Exploits 0
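Both the RabbitMQ management plugin entry and the Sierra Wireless AirCard entry above are CRLF injection findings, and neither excerpt shows what the injected bytes do. The following added example, which is code from neither vendor, builds a redirect response the vulnerable way (a percent-decoded query value copied straight into the Location header), parses the result the way a lenient client would to show the smuggled Set-Cookie header and body, and then applies the usual hardening of rejecting CR, LF and NUL in header values. The ?to= parameter, the handler and the payload are constructed for the demonstration.

```python
"""Added example (not from either advisory): header splitting via CRLF in a
redirect target, and the hardened builder that refuses control characters.
The ?to= parameter and the payload are constructed."""
from urllib.parse import parse_qs

CRLF = "\r\n"


class HeaderInjection(ValueError):
    """Raised by the hardened path when a header value carries CR, LF or NUL."""


def redirect_target(raw_query: str) -> str:
    """Constructed handler input: ?to=... from the query string.
    parse_qs percent-decodes, so %0d%0a arrives here as a literal CRLF."""
    return parse_qs(raw_query).get("to", ["/"])[0]


def build_response_vulnerable(location: str) -> bytes:
    """Vulnerable: the value is concatenated into the header block unchecked."""
    return (
        "HTTP/1.1 302 Found" + CRLF
        + "Location: " + location + CRLF
        + "Content-Length: 0" + CRLF + CRLF
    ).encode("latin-1")


def safe_header_value(value: str) -> str:
    """Reject rather than encode: a header value has no legitimate CR/LF/NUL."""
    if any(c in value for c in "\r\n\x00"):
        raise HeaderInjection(f"control character in header value: {value!r}")
    return value


def build_response_hardened(location: str) -> bytes:
    return (
        "HTTP/1.1 302 Found" + CRLF
        + "Location: " + safe_header_value(location) + CRLF
        + "Content-Length: 0" + CRLF + CRLF
    ).encode("latin-1")


def parse_response(raw: bytes):
    """Split like a lenient client: status line, headers up to the first blank
    line, everything after it is body. Returns (status, [(name, value)], body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split(CRLF)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers, body


# Constructed payload: ends the Location line, adds a Set-Cookie header, then a
# blank line and a 25-byte body so the client stops reading where we want.
ATTACK_QUERY = ("to=/home%0d%0aSet-Cookie:%20session=attacker"
                "%0d%0aContent-Length:%2025%0d%0a%0d%0a%3Cscript%3Ealert(1)%3C/script%3E")


def demo(hardened: bool):
    """Run the attack query through the vulnerable or hardened builder."""
    target = redirect_target(ATTACK_QUERY)
    builder = build_response_hardened if hardened else build_response_vulnerable
    return parse_response(builder(target))


if __name__ == "__main__":
    status, headers, body = demo(hardened=False)
    print(status, headers, body)          # Set-Cookie and a script body appear
    try:
        demo(hardened=True)
    except HeaderInjection as exc:
        print("hardened builder refused:", exc)
```

The server's own Content-Length: 0 still follows the injected body, which is why the attacker supplies their own Content-Length: the client honours the first one it sees and treats the remainder as the start of the next response, the classic response-splitting shape.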
Prion
added 2015/01/08 3:59 p.m. | 11 views

Authentication flaw

VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded colon (:) character in the Authorization HTTP header...

CVSS 6.4 | AI score 7.3 | EPSS 0.0239
Exploits 1 | References 4 | Affected Software 1
NVD
added 2015/01/08 3:59 p.m. | 13 views

CVE-2014-9575

VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded colon (:) character in the Authorization HTTP header...

CVSS 6.4 | AI score 6.8 | EPSS 0.0239
Exploits 1 | References 4
Cvelist
added 2015/01/08 3:00 p.m. | 18 views

CVE-2014-9575

VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded colon (:) character in the Authorization HTTP header...

AI score 6.8 | EPSS 0.0239
Exploits 1 | References 4
CVE
added 2015/01/08 3:00 p.m. | 44 views

CVE-2014-9575

CVE-2014-9575 affects VDG Security SENSE (formerly DIVA) before 2.3.15. A crafted encoded colon in the Authorization header allows remote attackers to bypass authentication and read/modify arbitrary plugin settings. Remediation: upgrade to 2.3.16 (or later) per available changelog. The reports co...

CVSS 6.4 | AI score 7 | EPSS 0.0239
Exploits 1 | References 4 | Affected Software 1
Patchstack
added 2015/01/02 12:00 a.m. | 21 views

WordPress Simple Visitor Stat Plugin <= 4.5.2 BYPASS

Because of these vulnerabilities, attackers can inject arbitrary HTML or web script via the HTTP User-Agent or HTTP Referer header. Solution: No fix has been released...

CVSS 4.3 | AI score 2.2 | EPSS 0.01633
Exploits 1 | References 1 | Affected Software 1
Prion
added 2014/12/16 6:59 p.m. | 14 views

Sql injection

SQL injection vulnerability in Php/Functions/logfunction.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header...

CVSS 7.5 | AI score 9 | EPSS 0.01837
Exploits 3 | References 2 | Affected Software 1
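The phpTrafficA entry above is the listing's clearest case of a request header treated as trusted data: the User-Agent string is chosen by the client, so concatenating it into a logging INSERT is an injection point. The following added example, which is not phpTrafficA's code, shows that pattern against an in-memory SQLite database with a constructed schema, a payload that pulls a value out of another table into the log row, and the parameterised INSERT that stores the same string harmlessly. The table names, the stored hash and the payload are assumptions for the demonstration; the payload relies on SQLite's || concatenation and would need adjusting for MySQL.

```python
"""Added example (not phpTrafficA's code): SQL injection through a logged
User-Agent header, against an in-memory SQLite database with a constructed
schema. The payload uses SQLite's || string concatenation."""
import sqlite3


def setup_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users(name TEXT, pw_hash TEXT);
        INSERT INTO users VALUES ('admin', 'constructed-hash-0123');
        CREATE TABLE hits(ip TEXT, user_agent TEXT);
    """)
    return conn


def log_hit_vulnerable(conn: sqlite3.Connection, ip: str, user_agent: str) -> None:
    """String-built INSERT: the header value becomes part of the SQL text."""
    sql = "INSERT INTO hits(ip, user_agent) VALUES ('%s', '%s')" % (ip, user_agent)
    conn.execute(sql)


def log_hit_parameterized(conn: sqlite3.Connection, ip: str, user_agent: str) -> None:
    """Bound parameters: the header value is data and is never parsed as SQL."""
    conn.execute("INSERT INTO hits(ip, user_agent) VALUES (?, ?)", (ip, user_agent))


# Constructed User-Agent: closes the quoted literal, concatenates a subselect,
# and reopens the literal so the statement stays syntactically valid. No
# stacked statement is needed, which matters because execute() (like the old
# PHP mysql_query()) refuses more than one statement.
EVIL_USER_AGENT = "' || (SELECT pw_hash FROM users WHERE name = 'admin') || '"


def recorded_agents(conn: sqlite3.Connection) -> list:
    """What a stats page listing logged user agents would display."""
    return [row[0] for row in conn.execute("SELECT user_agent FROM hits")]


def run(vulnerable: bool) -> list:
    """Log one hit with the hostile User-Agent and return what got stored."""
    conn = setup_db()
    logger = log_hit_vulnerable if vulnerable else log_hit_parameterized
    logger(conn, "203.0.113.7", EVIL_USER_AGENT)
    return recorded_agents(conn)


if __name__ == "__main__":
    print("vulnerable:   ", run(vulnerable=True))    # ['constructed-hash-0123']
    print("parameterized:", run(vulnerable=False))   # the literal payload string
```

The stored-hash leak is the quiet variant: nothing errors, the log simply fills with data from another table, and whoever views the traffic statistics reads it out. Escaping the header would also stop this particular payload, but binding parameters removes the whole class rather than one encoding of it.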
NVD
added 2014/12/12 12:59 a.m. | 9 views

CVE-2014-7263

Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261...

CVSS 4.3 | AI score 5.5 | EPSS 0.01502
Exploits 0 | References 3
Prion
added 2014/12/12 12:59 a.m. | 13 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261...

CVSS 4.3 | AI score 5.9 | EPSS 0.01502
Exploits 0 | References 3
CVE
added 2014/12/12 12:00 a.m. | 41 views

CVE-2014-7263

CVE-2014-7263: i-HTTPD (Windows) contains a flaw in processing HTTP headers that enables cross-site scripting via a crafted header. The vulnerability allows a remote attacker to induce arbitrary script execution in a user's browser. The JVN entry notes this is a separate issue from CVE-2014-7261...

CVSS 4.3 | AI score 5.7 | EPSS 0.01502
Exploits 0 | References 3 | Affected Software 1
Japan Vulnerability Notes
added 2014/12/09 12:00 a.m. | 32 views

JVN#87910097: i-HTTPD vulnerable to cross-site scripting

i-HTTPD is a web server for Windows. i-HTTPD contains a flaw in processing HTTP headers, which may lead to cross-site scripting (CWE-79). Impact: An arbitrary script may be executed on the user's web browser. Solution: Do not use i-HTTPD. i-HTTPD is no longer being developed or maintained. It is...

CVSS 4.3 | AI score 5.9 | EPSS 0.01502
Exploits 0