159 matches found
CVE-2015-7793
CVE-2015-7793 affects Corega CG-WLBARAGM wireless routers. The issue is that the device may behave as an open proxy, enabling remote attackers to trigger outbound network traffic via unspecified vectors. Documents from JVN/NVD/NVD-linked records confirm the affected product and open-proxy behavio...
CVE-2015-7793
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to trigger outbound network traffic via unspecified vectors...
CG-WLBARAGM may behave as an open proxy
Overview CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains an issue where it may behave as an open proxy. Akihiro Nakajima of NTT Communications reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#50775659: CG-WLBARAGM may behave as an open proxy
CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains an issue where it may behave as an open proxy. Impact The device may be leveraged as a proxy server to conduct cyber attacks. Solution Apply a Workaround The following workaround may mitigate the affects of this...
Google Adsense & Hotel Booking <= 1.0.5 - Open Proxy
Plugin is still affected and has been closed. The code in ./plugin/google-adsense-and-hotel-booking/proxy.php allows an arbitrary user to proxy POST requests though the host site. This may allow attackers to hide attacks, or DoS a site if the POST request is pointed back at itself causing a loop...
Google Adsense & Hotel Booking <= 1.0.5 - Open Proxy
Plugin is still affected and has been closed. The code in ./plugin/google-adsense-and-hotel-booking/proxy.php allows an arbitrary user to proxy POST requests though the host site. This may allow attackers to hide attacks, or DoS a site if the POST request is pointed back at itself causing a loop...
WordPress Filedownload 1.4 Open Proxy Vulnerability
WordPress Filedownload plugin version 1.4 suffers from an open proxy vulnerability. Title: Open Proxy in filedownload v1.4 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-11 Download Site: https://wordpress.org/plugins/filedownload/ Vendor: Peter Gross Vendor Notified:...
WordPress Filedownload 1.4 Open Proxy
Title: Open Proxy in filedownload v1.4 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-11 Download Site: https://wordpress.org/plugins/filedownload/ Vendor: Peter Gross Vendor Notified: 2015-07-11 Vendor Contact: [email protected] Description: Creates a downloadlink with t...
FileDownload <= 1.4 - Multiple Issues
XSS, Blind SQL Injection and Open Proxy issues...
Facebook For Android Information Disclosure / Open Proxy
Security advisory of Programa STIC at Fundación Dr. Manuel Sadosky www.fundacionsadosky.org.ar Vulnerabilities in Facebook and Facebook Messenger for Android 1. Advisory Information Title: Vulnerabilities in Facebook and Facebook Messenger for Android Advisory ID: STIC-2014-0529 Advisory URL:...
NoNumber Framework Joomla! Plugin Multiple Vulnerabilities
No description provided by source. Exploit Title: NoNumber Framework Joomla! Plugin Multiple Vulnerabilities Discovery Date: 10 October 2011 Reported Date: 11 October 2011 Patch Date: 17 October 2011 Release Date: 17 October 2011 Author: jdc Software Link: http://nonumber.nl The nnframework plugi...
Sambar 5.x Open Proxy and Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10256/info Sambar improperly validates the IP address of an originating connection and can be used to gain access the administration interface without authorization. Once the remote attacker has gained access to the...
joomla live chat (sql/proxy) Multiple Vulnerabilities
No description provided by source. Joomla Live Chat http://www.joompolitan.com/livechat.html Google Dork: allinurl:option=comlivechat author: jdc SQL Injections: administrator/components/comlivechat/getChat.php && administrator/components/comlivechat/getSavedChatRooms.php don't sanitize the...
RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters. A...
RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
No description provided by source. source: http://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters. A...
Yahoo!: Open Proxy, http://www.smushit.com/ysmush.it/, 4/09/14, #SpringClean
Thank you for your submission to the Yahoo Bug Bounty program. We were able to reproduce the issue you reported and have implemented appropriate fixes. We appreciate your adherence to responsible disclosure guidelines and look forward to your future participation in the program...
Nmap NSE 6.01: socks-open-proxy
Checks if an open socks proxy is running on the target. The script attempts to connect to a proxy server and send socks4 and socks5 payloads. It is considered an open proxy if the script receives a Request Granted response from the target port. The payloads try to open a connection to...
Nmap NSE 6.01: socks-open-proxy
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7
We don't release 0days... except when vendors show no interest in fixing their their bugs. http://umbraco.com/umbraco/dashboard/FeedProxy.aspx?url=http://en.wikipedia.org/wiki/Openproxy Have fun. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Matta Consulting - Matta Advisory...
Squid Proxy Port Scanner
A exposed Squid proxy will usually allow an attacker to make requests on their behalf. If misconfigured, this may give the attacker information about devices that they cannot normally reach. For example, an attacker may be able to make requests for internal IP addresses against an open Squid prox...