8275 matches found

Prion
added 2019/09/23 2:15 p.m., 15 views

Default credentials

ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file...

5 CVSS | 7.5 AI score | 0.01436 EPSS
Exploits 1 | References 1 | Affected Software 1

Tenable Nessus
added 2019/09/23 12:0 a.m., 13 views

Atlassian JIRA Plugins Detection

Binary data jirapluginsdetect.nbin...

7.3 AI score
Exploits 0 | References 1

Tenable Nessus
added 2019/09/20 12:0 a.m., 13 views

Jenkins Plugins Detection

Binary data jenkinspluginsdetect.nbin...

7.3 AI score
Exploits 0 | References 1

CNVD
added 2019/09/18 12:0 a.m., 3 views

floragunn Search Guard Information Disclosure Vulnerability (CNVD-2019-32494)

floragunn Search Guard is a set of open source plug-ins for Elasticsearch and ELK from the German company floragunn. It mainly provides encryption, authentication, authorization management, log auditing and other functions. An information disclosure vulnerability exists in versions prior to floragunn Sear...

7.5 CVSS | 6.3 AI score | 0.00934 EPSS
Exploits 0 | References 1

The Hacker News
added 2019/09/12 11:44 a.m., 1 views

WebARX — A Defensive Core For Your Website

Estonian-based web security startup WebARX, the company that is also behind open-source plugin vulnerability scanner WPBullet and soon-to-be-released bug bounty platform plugbounty.com, has a big vision for a safer web. It built a defensive core for websites which is embedded deep inside the...

6.5 AI score
Exploits 0

Tenable Nessus
added 2019/09/11 12:0 a.m., 37 views

RHEL 7 : Red Hat OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:2662)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2662 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

8.8 CVSS | 6.9 AI score | 0.025 EPSS
Exploits 0 | References 8

OSV
added 2019/09/05 8:15 p.m., 0 views

UBUNTU-CVE-2019-10753

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). If the build occurred over an insecure connection, a maliciou...

5.9 CVSS | 6.2 AI score | 0.00724 EPSS
Exploits 0 | References 3

UbuntuCve
added 2019/09/05 8:15 p.m., 17 views

CVE-2019-10753

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). If the build occurred over an insecure connection, a maliciou...

5.9 CVSS | 6.3 AI score | 0.00724 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2019/09/05 12:0 a.m., 35 views

RHEL 7 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:2651)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2651 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

8.8 CVSS | 6.9 AI score | 0.025 EPSS
Exploits 0 | References 8

CNVD
added 2019/08/27 12:0 a.m., 9 views

eslint-utils Arbitrary Code Execution Vulnerability

eslint-utils is a utility for ESLint plugins and custom rules. An arbitrary code execution vulnerability exists in versions of eslint-utils prior to 1.4.1. An attacker can exploit this vulnerability to execute arbitrary code via the getStaticValue function...

9.8 CVSS | 9.7 AI score | 0.02269 EPSS
Exploits 0 | References 1

CNVD
added 2019/08/26 12:0 a.m., 2 views

GNU Libextractor Heap Buffer Overflow Vulnerability (CNVD-2020-20390)

GNU Libextractor is a set of libraries from the GNU Project for extracting metadata from files. A heap buffer overflow vulnerability exists in the 'EXTRACTORdviextractmethod' function in the plugins/dviextractor.c file in GNU Libextractor 1.9 and earlier. The vulnerability stems from a networked...

6.5 CVSS | 7.4 AI score | 0.01696 EPSS
Exploits 0 | References 1

NVD
added 2019/08/23 5:15 p.m., 13 views

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

6.5 CVSS | 6.4 AI score | 0.01696 EPSS
Exploits 0 | References 6

Prion
added 2019/08/23 5:15 p.m., 20 views

Heap overflow

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

4.3 CVSS | 6.4 AI score | 0.01696 EPSS
Exploits 0 | References 6 | Affected Software 3

Cvelist
added 2019/08/23 1:49 p.m., 15 views

CVE-2019-14999

The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers to uninstall plugins using a Cross-Site Request Forgery (CSRF) vulnerability on an authenticated...

4.6 AI score | 0.00555 EPSS
Exploits 0 | References 1

Atlassian
added 2019/08/23 4:49 a.m., 105 views

The bundled Atlassian Universal Plugin Manager plugin had a CSRF issue - CVE-2019-14999

The version of the bundled Atlassian Universal Plugin Manager plugin had a CSRF vulnerability that allowed remote attackers, through an administrator, to uninstall plugins through a REST endpoint. See https://ecosystem.atlassian.net/browse/UPM-6044 for more details...

4.3 CVSS | 5 AI score | 0.00555 EPSS
Exploits 0 | Affected Software 1

Atlassian
added 2019/08/23 4:49 a.m., 27 views

The bundled Atlassian Universal Plugin Manager plugin had a CSRF issue - CVE-2019-14999

The version of the bundled Atlassian Universal Plugin Manager plugin had a CSRF vulnerability that allowed remote attackers, through an administrator, to uninstall plugins through a REST endpoint. See https://ecosystem.atlassian.net/browse/UPM-6044 for more details...

4.3 CVSS | 5 AI score | 0.00555 EPSS
Exploits 0

Gitee
added 2019/08/15 12:37 a.m., 2 views

metasploit-framework

This is an offensive tool for Metasploit Framework. The Metasploit Framework is a penetration testing platform that allows users to create and execute exploits against various targets. The framework is written in Ruby and provides a modular architecture that makes it easy to add new exploits and...

7.2 AI score
Exploits 0

pentestit
added 2019/08/13 8:56 p.m., 126 views

UPDATE: FOCA v3.4.6.0

My last post about this Fingerprinting & Organisation with Collected Archives was almost two years ago. I also mentioned that this tool was open sourced. Now, FOCA v3.4.6.0 has been released! I missed a lot of the older updates to this tool. What is FOCA? FOCA stands for...

7.8 AI score
Exploits 0

Tenable Nessus
added 2019/08/13 12:0 a.m., 37 views

Atlassian Crowd 3.2.x < 3.2.8 RCE Vulnerability

According to its self-reported version number, the Atlassian Crowd application running on the remote host is 2.1.x prior to 3.0.5, 3.1.x prior to 3.1.6, 3.2.x prior to 3.2.8, 3.3.x prior to 3.3.5 or 3.4.x prior to 3.4.4. It is, therefore, affected by a remote code execution (RCE) vulnerability. An...

9.8 CVSS | 10 AI score | 0.95355 EPSS
Exploits 6 | References 2

CNVD
added 2019/08/13 12:0 a.m., 3 views

floragunn Search Guard Input Validation Error Vulnerability

floragunn Search Guard is a set of open source plug-ins for Elasticsearch and ELK from the German company floragunn. It mainly provides encryption, authentication, authorization management, log auditing and other functions. An input validation error vulnerability exists in versions prior to floragunn Sear...

7.5 CVSS | 7 AI score | 0.00901 EPSS
Exploits 0 | References 1