11 matches found
USN-5376-6: Git regression
USN-5376-4 fixed a regression in Git. This update provides the corresponding update for Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could...
GHSA-MFJ5-CF8G-G2FV AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
Summary When making any HTTP request, the automatically enabled and self-managed CookieStore aka cookie jar will silently replace explicitly defined Cookies with any that have the same name from the cookie jar. For services that operate with multiple users, this can result in one user's Cookie...
mblog 代码问题漏洞
langhsu mblog is langhsu open source an application system . Open source Java blog system , support for multi-user , support for switching themes . mblog version 3.5.0 security vulnerabilities , the vulnerability stems from the existence of operating system command injection vulnerability ,...
Cloak - A Censorship Circumvention Tool To Evade Detection By Authoritarian State Adversaries
Cloak is a pluggable transport that enhances traditional proxy tools like OpenVPN to evade sophisticated censorship and data discrimination. Cloak is not a standalone proxy program. Rather, it works by masquerading proxied traffic as normal web browsing activities. In contrast to traditional tool...
Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26162)
Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 has a cross-site scripting vulnerability that can be exploited to inject arbitrary Web script or HTML via the nickname field in /settings/profile...
DeimosC2 - A Golang Command And Control Framework For Post-Exploitation
DeimosC2 is a post-exploitation Command & Control C2 tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front e...
Hashtopolis - A Hashcat Wrapper For Distributed Hashcracking
Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis's development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients C, Python,...
[Dexter] A Free Tool for Mobile (Android) Malware Analysis
Bluebox Labs just released Dexter, a free tool which wants to help information security professionals and malware analysts to analyze Android mobile applications in order to find malware and vulnerabilities. .png Dexter combines manual and automatic static program analysis to provide a better...
[SECURITY] Fedora 14 Update: wordpress-mu-2.9.2-3.fc14
WordPress-MU is a derivative of the WordPress blogging codebase, to allow one instance to serve multiple users...
saralblog v1 SQL inj. vuln.
saralblog v1 SQL inj. vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/saralblog-v1-sql-inj-vuln.html vendor:http://www.saralblog.org/ affected version:v.1 and prior Product Description: saralblog is a very simple to use blog, which has some ve...
PhpMyFAQ 1.5.1 multiple vulnerabilities
2.31 23/09/2005 PhpMyFaq 1.5.1 SQL injection / board takeover / user info disclosure / path disclosure remote code / commands execution software: site: http://www.phpmyfaq.de/ description: "phpMyFAQ is a multilingual, completely database-driven FAQ-system. It supports various databases to store a...