Chaturbate: Unrestricted POST request size on roomlogin endpoint

POST requests to endpoint /roomlogin/ are not limited in size. While the main website login endpoint correctly limits the size of request, this endpoint does not. This can be a mean to perform a DOS attack. Steps To Reproduce: 1. has a password-protected stream. 2. Send a large POST request to...

PT-2018-3640 · Wikimedia +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.1 Description: The issue is related to a lack of input validation mechanism in MediaWiki, which can be exploited by a remote attacker to impact data integrity. Specifically, when MediaWiki:Mainpage is set to...

CVE-2018-11240

An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on the 'exec command' feature of the T-Router protocol. If the command syntax is correct, there is code execution both on the other modem and on the main servers. This is fixed in production builds as o...

CVE-2018-10763

Multiple cross-site scripting XSS vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the 1 Main heading or 2 Sub heading fields in the Partial Branding configuration page...

UBUNTU-CVE-2018-5389

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline...

DEBIAN-CVE-2018-5389

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline...

SeaCMS Code Execution Vulnerability

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A code execution vulnerability exists in SeaCMS version 6.61, which originates from the 'parseIf' function in the include/main.class.php file...

Design/Logic Flaw

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...

CVE-2018-16343

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...

UBUNTU-CVE-2018-15746

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...

leo-club-main-kinzig.de XSS vulnerability

Open Bug Bounty ID: OBB-670143 Description| Value ---|--- Affected Website:| leo-club-main-kinzig.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ASUS DSL-N12E_C1 Remote Command Execution Vulnerability

ASUS DSL-N12EC1 is a wireless router product from ASUS. A remote command execution vulnerability exists in the MainAnalysisContent.asp file in the ASUS DSL-N12EC1 version 1.1.2.3345. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands with the help of...

IKEv1 Main Mode vulnerable to brute force attacks

Overview Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Description The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. CVE-2018-5389It is well known, that the aggressive mode of IKEv1 PSK is vulnerable...

caritas-main-taunus.de XSS vulnerability

Open Bug Bounty ID: OBB-652764 Description| Value ---|--- Affected Website:| caritas-main-taunus.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Adobe Systems - Arbitrary Code Injection Vulnerability

Document Title: =============== Adobe Systems - Arbitrary Code Injection Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2120 PSIRT ID: 7873 Vulnerability Magazine:...

CVE-2018-12735

SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverterinfo.htm or englishmain.htm URI...

The vulnerability of the apply.cgi component in ASUS’ microprogramming software for routers allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the apply.cgi component in ASUS router microprogramming systems exists due to the lack of measures taken to neutralize the special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the...

Researchers Defeat AMD's SEV Virtual Machine Encryption

German security researchers claim to have found a new practical attack against virtual machines VMs protected using AMD's Secure Encrypted Virtualization SEV technology that could allow attackers to recover plaintext memory data from guest VMs. AMD's Secure Encrypted Virtualization SEV technology...

Reverb.com: XSS in main search, use class tag to imitate Reverb.com core functionality, create false login window

This is an expansion of 349684 which was flagged as a duplicate. In that bug report I explained that several HTML tags end up rendering when entered into the main search. I've since found out that the class attribute of multiple types of tags can be modified to create a realistic imitation of cor...

immo.main-echo.de XSS vulnerability

Open Bug Bounty ID: OBB-610182 Description| Value ---|--- Affected Website:| immo.main-echo.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...