chi Allows Host Header Injection which Leads to Open Redirect in RedirectSlashes

Summary The RedirectSlashes function in middleware/strip.go is vulnerable to host header injection which leads to open redirect. We consider this a lower-severity open redirect, as it can't be exploited from browsers or email clients requires manipulation of a Host header. Details The...

ABB Cylon FLXeon 9.3.4 (app.js) Insecure CORS Configuration

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

Toko Flamboyan Local File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Dolibarr ERP / CRM OS Command Injection

Exploit for php platform in category web applications Dolibarr ERP & CRM OS Command Injection =================================== 1. Advisory Information Date published: 2012-4-6 Vendors contacted: Dolibarr Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely...

3editor CMS <= 0.42 (index.php) Local File Include Vulnerability

No description provided by source. script Name: 3editor CMS index.php Local File Include Exploit Download:http://www.matteolucarelli.net/3editor/index.htm Author : Dr Max Virus Contact :[email protected] Bug & Problem In file index.php Let's Take a look; if !isset$GET'page'...