10 matches found
CVE-2002-1925
Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash) via SYN, UDP, ICMP and TCP portscans when the administrator selects the Log tab of the Personal Firewall Agent module...
Server-Side Request Forgery (SSRF) in chevereto/chevereto-free
Description: Attackers can make the server perform arbitrary requests to internal IPs as well as use the file:/// protocol to disclose internal image data. Proof of Concept: 1. Create a valid image file on the server (/path/to/index.png). 2. Choose "add Image URLs", use a valid URL and click OK. Then...
Server-Side Request Forgery (SSRF) in collectiveaccess/providence
Description: An authenticated, blind SSRF vulnerability exists in CollectiveAccess. It requires edit access (tested with the default cataloguer account). Proof of Concept: As the 'cataloguer' user: Step 1. Create a new object with the title: Step 2. After submitting this object, browse for objects in...
Server-Side Request Forgery (SSRF) in osticket/osticket
Description: The SSRF vulnerability in osTicket detailed in CVE-2020-24881 is still unfixed. Attackers can still make arbitrary requests via the server to the private network through the PDF print generator, although they will not be able to exfiltrate anything other than image data. Proof of Concept: ...
JShielder - LAMP/LEMP Secure Deployment
JShielder is an open source tool developed to help sysadmins and developers secure the Linux servers on which they will be deploying any web application. This tool automates the process of installing all the necessary packages to host a web application and hardening a Linux server with little...
portbunny (NASL wrapper)
This plugin runs a portbunny scan to find open ports. Portbunny is a Linux-only kernel module port scanner suitable for large internal portscans. This is an experimental plugin; use with care. OpenVAS Vulnerability Test $Id: portbunny.nasl 8023 2017-12-07 08:36:26Z teissa $ Use portbunny as scanner...
SuSE 10 Security Update : kdelibs3,kdelibs3-devel,CVE-2007-1564 (ZYPP Patch Number 3988)
A bug in Konqueror allowed attackers to abuse the FTP passive mode for portscans (CVE-2007-1564). #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) { script_id(29483);...
openSUSE 10 Security Update : kdelibs3 (kdelibs3-3058)
A bug in KHTML could be exploited to conduct cross-site scripting (XSS) attacks (CVE-2007-0537). Another bug allowed attackers to abuse the FTP passive mode for portscans (CVE-2007-1564). #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
CVE-2002-1925
Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash) via SYN, UDP, ICMP and TCP portscans when the administrator selects the Log tab of the Personal Firewall Agent module...
CVE-2002-1925
Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash) via SYN, UDP, ICMP and TCP portscans when the administrator selects the Log tab of the Personal Firewall Agent module...