122 matches found
Denial Of Service (DoS) Or Directory Traversal
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...
Infogram: User account blocking by Internal Server error
If you send a language=en in https://infogram.com/api/users/me user be forever get an Internal Server error EVEN AFTER re-logining: https://youtu.be/AxYa11lEiWA I idk why does hackerone can't upload this video so I uploaded this video privately to the youtube! In this video, I'm trying to relogin...
Adding layer versions with Nutanix fails with error: Failed to execute the script.
When trying to add versions to layers, the task may fail with an error. Failed to execute the script. Unable to perform the operation. The Nutanix server has encountered a failure processing the request 500. Error: internal server error. Details: Error occurred while creating Disk image...
CVE-2017-1239
IBM Quality Manager RQM 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357...
CVE-2017-1239
IBM Quality Manager RQM 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357...
Unable to Connect to StoreFront from NetScaler After Logging into NetScaler Page with Error "Http/1.1 Internal Server Error 43531"
The following error is shown after logon to NetScaler page: Error "Http/1.1 Internal Server Error 43531" The NetScaler is unable to connect or redirect to StoreFront page...
Error: "Http/1.1 Internal Server Error 43531" When Enrolling Device to XenMobile
MAM enrollment is failing with below errors: 1. While authenticating from the Gateway Web Page -"Http/1.1 Internal Server Error 43531" 2. While attempting from the mobile device - "Enrollment Failed - There's a prblem with the server setup. Please contact your administrator"...
CVE-2017-1515
IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825...
CVE-2017-1515
IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825...
Cross site scripting
A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...
UBUNTU-CVE-2017-11507
A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...
IBM Rational Rhapsody Design Manager Information Disclosure Vulnerability (CNVD-2017-38260)
IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. An informati...
CVE-2017-1240
CVE-2017-1240 affects IBM Rational Rhapsody Design Manager (RDM) within IBM CLM family. Affected versions: RDM 4.0–4.0.7, 5.0–5.0.2, and 6.0–6.0.4. Description in connected sources shows an information-disclosure flaw where sensitive data could be exposed via HTTP 500 Internal Server Error respon...
International Islamic University Chittagong: Another Internal Path Disclosure
Keeping your previous fixes in mind, I found another endpoint which is disclosing full internal path through 500 Internal Server error. POC-URL: http://119.18.148.140/iiuc/login/ Request: GET http://119.18.148.140/iiuc/login/ HTTP/1.1 Host: 119.18.148.140 Connection: keep-alive User-Agent:...
How to pass the command injection vulnerability fix Yahoo subsidiary production servers-vulnerability warning-the black bar safety net
One, Foreword Time to get back to 5 May 20, the night before that, I spent several days time to study the Yahoo Messenger app, still can't figure out how it works, but annoying headache and neck pain and looking for me. So I decided to go for a walk, find a new target. Then I noticed a very...
Gratipay: Transferring incorrect data to the http://gip.rocks/v1 endpoint with correct Content-Type leads to local paths disclosure through the error message
Description Hi. I found the way to raise 500 Internal Server Error with some sensitive information disclosure some local paths of the python installation. The issue is not critical, however, you can prevent this information leak. Request: POST /v1 HTTP/1.1 Host: gip.rocks Cache-Control: max-age=0...
The remote server returned an error: (500) Internal Server Error
If you see "The remote server returned an error: 500 Internal Server Error" in any of the Unidesk failure messages, it means there is a problem with an ESX host. Keep in mind that vSphere will route filesystem requests to any available ESX host that has the requested VMFS mounted, including ones...
Veris: Internal server error 500 at log.veris.in
INTRO: i have discovered an internal server error 500 at log.veris.in in sentry app & possible DoS injection with data garbage EXPLOITABILITY: Steps: 1After Sending this request Sentry is crash with an internal server error showing version of sentry and the capability of sending the issue with a...
Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...