8834 matches found
WordPress TheCartPress Plugin 1.1.1 local/remote file include vulnerability
No description provided by source...
squid: multiple issues in ESI processing
Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...
squid: multiple issues in ESI processing
Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...
squid: SIGSEGV in ESIContext response handling
An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack...
squid: multiple issues in ESI processing
Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...
The vulnerability of the PHP interpreter allows a hacker to gain access to read files.
The vulnerability of the PHP interpreter lies in the lack of checks for the sequence “%00” in the path name. Exploiting this vulnerability allows an attacker, operating remotely, to read arbitrary files using specially crafted input data for the application that calls the function...
UBUNTU-CVE-2016-4555
clientsiderequest.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service crash via crafted Edge Side Includes ESI responses...
Linux ASLR vulnerabilities: an attacker with unlimited disable ASLR(CVE-2 0 1 6-3 6 7 2-the vulnerability warning-the black bar safety net
! Recently, security personnel repair a Linux ASLR in a relatively old vulnerability, with x86 devices on the 3 2-bit application usage rights of any user, by the RLIMITSTACK resource is set to“unlimited”you can disable ASLR. The vulnerability CVE number CVE-2 0 1 6-3 6 7 2, The CNNVD number of...
New Relic: Too many included lookups
Your SPF record required more than 10 DNS Lookups to be performed during the test. The number of "include" mechanisms and chained "redirect' modifiers should be kept to a minimum. According to RFC 4408, 'SPF implementations MUST limit the number of mechanisms and modifiers that do DNS Lookups to ...
InstantCoder 1.0 iOS - Multiple Vulnerabilities
InstantCoder 1.0 iOS - Multiple Vulnerabilities Document Title: =============== InstantCoder v1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1738 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID...
Core FTP Server 1.2 - Local Buffer Overflow
Core FTP Server 1.2 - Local Buffer Overflow -- coding: utf-8 -- Exploit Title : Core FTP Server v1.2 - BufferOverflow POC Date: 2016-02-22 Author: INSECT.B Facebook : https://www.facebook.com/B.INSECT00 GitHub : binsect00 Blog : http://binsect00.tistory.com Vendor Homepage : http://www.coreftp.co...
InstantCoder 1.0 iOS - Multiple Vulnerabilities
Exploit for iOS platform in category web applications Document Title: =============== InstantCoder v1.0 iOS - Multiple Web Vulnerabilities Product & Service Introduction: =============================== You are one of the best developers in the world and you would like to code anytime, anywhere...
InstantCoder 1.0 iOS - Multiple Vulnerabilities
Document Title: =============== InstantCoder v1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1738 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ==================================== 1738...
File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities
Document Title: =============== File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1704 Release Date: ============= 2016-02-03 Vulnerability Laboratory ID VL-ID: ====================================...
File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities
Document Title: =============== File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1704 Release Date: ============= 2016-02-03 Vulnerability Laboratory ID VL-ID: ====================================...
Ramui Web Hosting Directory Script 4.0 RFI
Title: Ramui web hosting directory script 4.0 Remote File Include Vulnerability Author: bd0rk Twitter: twitter.com/bd0rk Vendor: http://www.ramui.com Download: http://ramui.com/directory-script/download-v4.html Proof-of-Concept: /gb/include/connection.php lines 6-13 in php-sourcecode class...
Secure Item Hub 1.0 iOS - Multiple Vulnerabilities
Document Title: =============== Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1682 Release Date: ============= 2016-01-27 Vulnerability Laboratory ID VL-ID: ==================================== 16...
JCMS政府信息公开系统在/lm/front/reg_2.jsp存在本地文件包含漏洞
No description provided by source...
cacti -- SQL injection vulnerabilities
NVD reports: SQL injection vulnerability in include/topgraphheader.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rraid parameter in a properties action to graph.php...
WordPress TheCartPress Plugin 1.4.7 - Multiple Vulnerabilities
TheCartPress plugin is prone to remote code execution and local file include vulnerabilities. Because of these multiple vulnerabilities, an attacker can do a remote code execution or disclosure local files. Solution Update the plugin...