Lucene search
K

122 matches found

Veracode
Veracode
added 2019/05/02 4:42 a.m.41 views

Denial Of Service (DoS) Or Directory Traversal

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...

9.8CVSS6.3AI score0.99998EPSS
Exploits56References23Affected Software2
Veracode
Veracode
added 2019/05/02 4:42 a.m.52 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...

9.8CVSS6.3AI score0.99998EPSS
Exploits56References9Affected Software2
Hacker One
Hacker One
added 2018/11/28 1:26 p.m.40 views

Infogram: User account blocking by Internal Server error

If you send a language=en in https://infogram.com/api/users/me user be forever get an Internal Server error EVEN AFTER re-logining: https://youtu.be/AxYa11lEiWA I idk why does hackerone can't upload this video so I uploaded this video privately to the youtube! In this video, I'm trying to relogin...

0.5AI score
Exploits0
Citrix
Citrix
added 2018/10/10 12:0 a.m.7 views

Adding layer versions with Nutanix fails with error: Failed to execute the script.

When trying to add versions to layers, the task may fail with an error. Failed to execute the script. Unable to perform the operation. The Nutanix server has encountered a failure processing the request 500. Error: internal server error. Details: Error occurred while creating Disk image...

7.3AI score
Exploits0
OSV
OSV
added 2018/07/06 2:29 p.m.5 views

CVE-2017-1239

IBM Quality Manager RQM 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357...

5.3CVSS5.8AI score0.01269EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/06 2:0 p.m.22 views

CVE-2017-1239

IBM Quality Manager RQM 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357...

4.3CVSS5AI score0.01269EPSS
Exploits0References2
Citrix
Citrix
added 2018/06/19 12:0 a.m.4 views

Unable to Connect to StoreFront from NetScaler After Logging into NetScaler Page with Error "Http/1.1 Internal Server Error 43531"

The following error is shown after logon to NetScaler page: Error "Http/1.1 Internal Server Error 43531" The NetScaler is unable to connect or redirect to StoreFront page...

7.1AI score
Exploits0
Citrix
Citrix
added 2018/05/22 12:0 a.m.9 views

Error: "Http/1.1 Internal Server Error 43531" When Enrolling Device to XenMobile

MAM enrollment is failing with below errors: 1. While authenticating from the Gateway Web Page -"Http/1.1 Internal Server Error 43531" 2. While attempting from the mobile device - "Enrollment Failed - There's a prblem with the server setup. Please contact your administrator"...

7.1AI score
Exploits0
NVD
NVD
added 2018/01/26 9:29 p.m.19 views

CVE-2017-1515

IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825...

4.3CVSS4.2AI score0.01248EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/01/26 9:0 p.m.22 views

CVE-2017-1515

IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825...

4.2AI score0.01248EPSS
Exploits0References3
Prion
Prion
added 2017/12/11 4:29 p.m.20 views

Cross site scripting

A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...

4.3CVSS6.1AI score0.01029EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/12/11 4:29 p.m.5 views

UBUNTU-CVE-2017-11507

A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...

6.1CVSS6AI score0.01029EPSS
Exploits1References4
CNVD
CNVD
added 2017/11/30 12:0 a.m.6 views

IBM Rational Rhapsody Design Manager Information Disclosure Vulnerability (CNVD-2017-38260)

IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. An informati...

4.3CVSS6.1AI score0.00916EPSS
Exploits0References1
CVE
CVE
added 2017/11/27 9:0 p.m.59 views

CVE-2017-1240

CVE-2017-1240 affects IBM Rational Rhapsody Design Manager (RDM) within IBM CLM family. Affected versions: RDM 4.0–4.0.7, 5.0–5.0.2, and 6.0–6.0.4. Description in connected sources shows an information-disclosure flaw where sensitive data could be exposed via HTTP 500 Internal Server Error respon...

4.3CVSS4.2AI score0.00916EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2017/10/31 8:22 a.m.39 views

International Islamic University Chittagong: Another Internal Path Disclosure

Keeping your previous fixes in mind, I found another endpoint which is disclosing full internal path through 500 Internal Server error. POC-URL: http://119.18.148.140/iiuc/login/ Request: GET http://119.18.148.140/iiuc/login/ HTTP/1.1 Host: 119.18.148.140 Connection: keep-alive User-Agent:...

6.8AI score
Exploits0
myhack58
myhack58
added 2017/06/06 12:0 a.m.133 views

How to pass the command injection vulnerability fix Yahoo subsidiary production servers-vulnerability warning-the black bar safety net

One, Foreword Time to get back to 5 May 20, the night before that, I spent several days time to study the Yahoo Messenger app, still can't figure out how it works, but annoying headache and neck pain and looking for me. So I decided to go for a walk, find a new target. Then I noticed a very...

10CVSS7.7AI score0.97485EPSS
Exploits11
Hacker One
Hacker One
added 2017/04/08 6:48 p.m.36 views

Gratipay: Transferring incorrect data to the http://gip.rocks/v1 endpoint with correct Content-Type leads to local paths disclosure through the error message

Description Hi. I found the way to raise 500 Internal Server Error with some sensitive information disclosure some local paths of the python installation. The issue is not critical, however, you can prevent this information leak. Request: POST /v1 HTTP/1.1 Host: gip.rocks Cache-Control: max-age=0...

6.3AI score
Exploits0
Citrix
Citrix
added 2017/03/15 12:0 a.m.7 views

The remote server returned an error: (500) Internal Server Error

If you see "The remote server returned an error: 500 Internal Server Error" in any of the Unidesk failure messages, it means there is a problem with an ESX host. Keep in mind that vSphere will route filesystem requests to any available ESX host that has the requested VMFS mounted, including ones...

7.2AI score
Exploits0
Hacker One
Hacker One
added 2016/08/09 9:38 p.m.36 views

Veris: Internal server error 500 at log.veris.in

INTRO: i have discovered an internal server error 500 at log.veris.in in sentry app & possible DoS injection with data garbage EXPLOITABILITY: Steps: 1After Sending this request Sentry is crash with an internal server error showing version of sentry and the capability of sending the issue with a...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/27 12:0 a.m.31 views

Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...

7.4AI score
Exploits0
Rows per page
Query Builder