28 matches found
CVE-2026-42188
CVE-2026-42188 (Geyser SSRF) : A server-side request forgery vulnerability exists in Geyser’s handling of Bedrock player head textures. Before version 2.9.3, a crafted Base64-encoded skin texture URL supplied via the /give command can cause the Minecraft server to issue arbitrary HTTP GET request...
GHSA-XCFG-FCR5-GW9R Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser
Summary A server-side request forgery SSRF vulnerability exists in Geyser’s handling of Bedrock player head texture data. By supplying a crafted Base64-encoded skin texture URL via the /give command, an attacker can cause the Minecraft server to issue arbitrary HTTP GET requests to...
DVHMA - Damn Vulnerable Hybrid Mobile App (For Android) That Intentionally Contains Vulnerabilities
Damn Vulnerable Hybrid Mobile App DVHMA is an hybrid mobile app for Android that intentionally contains vulnerabilities. Its purpose is to enable security professionals to test their tools and techniques legally, help developers better understand the common pitfalls in developing hybrid mobile ap...
JXBrowser JavaScript-Java bridge in the RCE vulnerability-vulnerability warning-the black bar safety net
I recently was studying how to use JXBrowser to achieve a set of experimental scanning techniques. When I use JXBrowser library in the process, I suddenly thought, whether it can be by calling different classes to attack the JXBrowser client, and through a Web page to achieve remote code executio...
Zend Java Bridge - Remote Code Execution (ZDI-11-113)
No description provided by source. / Zend Java Bridge v3.1 - Remote Code Execution ZDI-11-113 Copyright c 2010 Luca Carettoni ZJB.java v0.2 - 4 August 2010 Usage java -jar zjb.jar IP PORT 'CMD' Default: 10001/tcp Version affected Zend Server v5.0.2, Zend Server Community Edition v5.0.2 and previo...
Zend Server Java Bridge Arbitrary Java Code Execution
No description provided by source. $Id: zendjavabridge.rb 12242 2011-04-05 01:08:07Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
java Bridge 5.5 - Directory Traversal vulnerability
No description provided by source...
Zend Zend Server Java Bridge Remote Code Execution
Zend Server is a complete, enterprise-ready Web Application Server for running and managing PHP applications. An internal component, the Zend Java Bridge, provides PHP developers with a way to use existing Java code and build PHP applications that use Java code. A remote code execution...
Zend Server Java Bridge Remote Code Execution
Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...
Zend Server Java Bridge Remote Code Execution
Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...
Zend Server Java Bridge Remote Code Execution
Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...
Zend Server Java Bridge Remote Code Execution
Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...
Zend Server Java Bridge Arbitrary Java Code Execution
$Id: zendjavabridge.rb 12242 2011-04-05 01:08:07Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Zend Server Java Bridge - Arbitrary Java Code Execution (Metasploit)
$Id: zendjavabridge.rb 12242 2011-04-05 01:08:07Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Zend Server Java Bridge Arbitrary Java Code Execution
This module takes advantage of a trust relationship issue within the Zend Server Java Bridge. The Java Bridge is responsible for handling interactions between PHP and Java code within Zend Server. When Java code is encountered Zend Server communicates with the Java Bridge. The Java Bridge then...
Zend Server Java Bridge Design Flaw Remote Code Execution
This module abuses a flaw in the Zend Java Bridge Component of the Zend Server Framework. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. NOTE: This module has only been tested with the Win32 build of the software. This module requires Metasploit:...
Zend Java Bridge - Remote Code Execution (ZDI-11-113)
Exploit for multiple platform in category remote exploits / Zend Java Bridge v3.1 - Remote Code Execution ZDI-11-113 Copyright c 2010 Luca Carettoni ZJB.java v0.2 - 4 August 2010 Usage java -jar zjb.jar '' Default: 10001/tcp Version affected Zend Server v5.0.2, Zend Server Community Edition v5.0....
Zend Server Java Bridge "javamw.jar"服务远程代码执行漏洞
BUGTRAQ ID: 47060 Zend是一家PHP公司,成立于1999年,针对PHP的应用陆续发布了至关重要的PHP网络应用平台产品和服务。 Zend Server Java Bridge "javamw.jar"服务在实现上存在远程代码执行漏洞,远程攻击者可利用此漏洞在受影响应用程序中执行任意代码,造成拒绝服务。 此漏洞源于Zend Server的Zend Java Bridge v3.1组件中。javamw.jar服务默认接受端口10001上的TCP请求。Zend Server Java...
Zend Java Bridge - Remote Code Execution
Zend Java Bridge - Remote Code Execution / Zend Java Bridge v3.1 - Remote Code Execution ZDI-11-113 Copyright c 2010 Luca Carettoni ZJB.java v0.2 - 4 August 2010 Usage java -jar zjb.jar '' Default: 10001/tcp Version affected Zend Server v5.0.2, Zend Server Community Edition v5.0.2 and previous...
Zend Java Bridge Remote Code Execution
/ Zend Java Bridge v3.1 - Remote Code Execution ZDI-11-113 Copyright c 2010 Luca Carettoni ZJB.java v0.2 - 4 August 2010 Usage java -jar zjb.jar '' Default: 10001/tcp Version affected Zend Server v5.0.2, Zend Server Community Edition v5.0.2 and previous releases...