31 matches found
CVE-2024-25637
October is a self-hosted CMS platform based on the Laravel PHP Framework. The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interaction...
CVE-2024-25637 Reflected XSS via X-October-Request-Handler Header
October is a self-hosted CMS platform based on the Laravel PHP Framework. The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interaction...
CVE-2020-7705
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
Code injection
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
CVE-2020-7705 Malicious Package
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
CVE-2020-7705
The CVE-2020-7705 entry concerns MintegralAdSDK (iOS) with malicious functionality that tracks every opened URL and reports it to an external server, performing ad-attribution fraud even if ads are not served. It can remotely activate hooks on UIKit components (UIApplication, openURL, SKStoreProd...
Prevent Access to Unauthorized Viewers with Enhanced Proxy Detection
Background: Geo-Blocking Content There are no hard and fast rules to the way content is licensed throughout the world, but typically content owners develop license agreements at the country level which gives them a fair amount of flexibility when monetizing their content. These license agreements...
NAT/Proxy Detection
Binary data 7251.pasl...
Proxy HTTP CONNECT Detection
Binary data 9535.prm...
Browsing via HTTP Proxy Detection
Binary data 9529.prm...
Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Microsoft Windows improperly handles certain proxy discovery scenarios using the Web Proxy Auto Discovery WPAD protocol method. An attacker who successfully exploited the vulnerability could potentially access and control network traffic for whi...
McAfee Web Gateway Proxy Detection
Binary data 8345.prm...
McAfee Web Gateway Proxy Detection (Blocked Resource)
Binary data 8344.prm...
detect_reverse_proxy
This plugin tries to determine if the remote end has a reverse proxy installed. The procedure used to detect reverse proxies is to send a request to the remote server and analyze the response headers, if a Via header is found, chances are that the remote site has a reverse proxy. Plugin type...
Snack Attack: Analyzing Flame's Replication Pattern
The Flame malware uses several methods to replicate itself. The most interesting one is the use of the Microsoft Windows Update service. This is implemented in Flame’s “SNACK”, “MUNCH” and “GADGET” modules. Being parts of Flame, these modules are easily reconfigurable. The behavior of these modul...
Proxy / Firewall Client Detection
Binary data 7057.pasl...
TodouVA Proxy Detection
Binary data 5895.prm...
eTrust Proxy Detection
Binary data 4483.prm...
proxy.org Client Detection
Binary data 4160.prm...
Socks 5 Proxy Detection
Binary data 3884.prm...