55 matches found

OSV
added 2022/08/22 3:15 p.m. · 2 views

CVE-2022-2362

The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based download blocking restrictions...

7.5 CVSS · 5.8 AI score
Exploits 0 · References 1
Positive Technologies
added 2022/08/22 12:0 a.m. · 2 views

PT-2022-16133 · WordPress · Download Manager

Name of the Vulnerable Software and Affected Versions: Download Manager WordPress plugin versions prior to 3.2.50. Description: The issue allows bypassing IP-based download blocking restrictions by prioritizing a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR. Recommendations: For...

7.5 CVSS · 7.4 AI score · 0.00903 EPSS
Exploits 2 · References 4
Wordfence Blog
added 2022/03/03 6:37 p.m. · 14 views

We’re Now Blocking 10,000 Requests Per Hour in Ukraine From Known Malicious IPs

48 hours ago we deployed our commercial real-time threat intelligence automatically, and for free, to all Ukrainian websites with the .UA top-level domain. That has made over 8,000 sites in Ukraine using the free version of Wordfence significantly more secure. At noon-UTC on March 2nd, those site...

2.2 AI score
Exploits 0
Cvelist
added 2020/08/17 9:55 p.m. · 14 views

CVE-2020-15152 Server-Side Request Forgery in ftp-srv

ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. ftp-srv versions before 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...

9.1 CVSS · 8.9 AI score · 0.01859 EPSS
Exploits 0 · References 3
Rhino Security Labs
added 2019/08/13 10:0 a.m. · 48 views

Bypassing IP Based Blocking with AWS API Gateway

The post Bypassing IP Based Blocking with AWS API Gateway appeared first on Rhino Security Labs...

2.3 AI score
Exploits 0
myhack58
added 2019/05/14 12:0 a.m. · 102 views

Easy WP SMTP (v1.3.9) 0-day vulnerability: attack process and reproduction - vulnerability warning - the black bar safety net

Foreword: My own blog site is hosted on WordPress, and last month I found some abnormalities. On 3.12 the mailbox exploded: I received more than 100 notification mails saying the site was being brute-forced. Seeing this that day was not strange either, because such a situation had appeared before, every day there...

6.9 AI score
Exploits 0
OSV
added 2019/03/01 3:29 p.m. · 1 views

CVE-2018-20799

In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass...

7.5 CVSS · 5.8 AI score · 0.0159 EPSS
Exploits 1 · References 1
Cvelist
added 2019/03/01 3:0 p.m. · 17 views

CVE-2018-20799

In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass...

7.7 AI score · 0.0159 EPSS
Exploits 1 · References 1
CVE
added 2019/03/01 3:0 p.m. · 40 views

CVE-2018-20799

Summary: pfSense 2.4.4_1 is affected by CVE-2018-20799, where blocking decisions based on HTTPS authentication failures do not align with SSH authentication handling (per sshguard documentation). This inconsistency may enable bypassing access restrictions. The NVD CVSSv3 vector evaluates to HIGH ...

7.5 CVSS · 7.7 AI score · 0.0159 EPSS
Exploits 1 · References 1 · Affected Software 1
Kitploit
added 2017/11/27 9:36 p.m. · 17 views

net-Shield - An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices

An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices based on iptables. Requirements Linux System with python, iptables Nginx Will be installed automatically by install.sh Quickstart Running as a standalone software No install.sh required via DryRun option -dry to only...

7.5 AI score
Exploits 0 · References 1
CNVD
added 2017/11/22 12:0 a.m. · 1 views

Cisco ASA Next-Generation Firewall Services Security Bypass Vulnerability

Cisco ASA Next-Generation Firewall Services is a next-generation modular security services suite from the US company Cisco that runs in its next-generation firewall products. A security bypass vulnerability exists in the Create Default IP Blocking process in Cisco ASA Next-Generation...

5.3 CVSS · 6.6 AI score · 0.01163 EPSS
Exploits 0 · References 1
OpenVAS
added 2017/11/08 12:0 a.m. · 15 views

MediaWiki Multiple Vulnerabilities (Aug 2012) - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5 CVSS · 6.1 AI score · 0.01649 EPSS
Exploits 2
Prion
added 2017/10/19 9:29 p.m. · 11 views

Design/Logic Flaw

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors...

5 CVSS · 7.1 AI score · 0.01649 EPSS
Exploits 0 · References 6 · Affected Software 1
CVE
added 2017/10/19 9:0 p.m. · 65 views

CVE-2012-4380

CVE-2012-4380 affects MediaWiki before 1.18.5 and 1.19.x before 1.19.2, allowing remote attackers to bypass the GlobalBlocking extension IP address blocking and create an account via unspecified vectors. The connected sources consistently describe the same impact across Windows/Linux OpenVAS entr...

7.5 CVSS · 7.5 AI score · 0.01649 EPSS
Exploits 0 · References 6 · Affected Software 1
Cvelist
added 2017/10/19 9:0 p.m. · 20 views

CVE-2012-4380

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors...

7.5 AI score · 0.01649 EPSS
Exploits 0 · References 6
seebug.org
added 2017/08/22 12:0 a.m. · 55 views

SQL Injection (CVE-2017-12650) and CSRF (CVE-2017-12651) Security Vulnerability in Loginizer

As part of a vulnerability research project for our WordPress Security Scanner at WPcans.com, we have been auditing popular WordPress plugins looking for security issues. While auditing the WordPress plugin Loginizer, we discovered a SQL Injection vulnerability and a Cross-Site Request Forgery...

7.5 CVSS · 10.2 AI score · 0.01843 EPSS
Exploits 1
Packet Storm
added 2017/02/24 12:0 a.m. · 41 views

Synologic NAS IP Blocking Bypass

Greetings, 1. Seems to be possible to bypass the default enabled "Auto Block of IP address" functionality in Synologic's NAS by using only one single space \x20 to the HTTP header "X-FORWARDED-FOR". If already Auto Blocked, this bypass will not work. Generates in /var/log/messages:...

0.1 AI score
Exploits 0
Cvelist
added 2014/12/02 1:0 a.m. · 26 views

CVE-2014-5284

host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed...

6.3 AI score · 0.02497 EPSS
Exploits 3 · References 3
Mageia
added 2014/04/16 1:12 p.m. · 32 views

Updated fail2ban packages fix security issues

An update to fail2ban 0.8.13 has been released to fix security issues, amongst other bugfixes. fail2ban versions prior to 0.8.11 would allow a remote unauthenticated attacker to cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...

5 CVSS · 6.5 AI score · 0.03235 EPSS
Exploits 2 · References 3
OSV
added 2014/02/01 3:55 p.m. · 6 views

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

7.8 AI score
Exploits 0 · References 5