Security update for rubygem-puma (moderate)

openSUSE Security Update: Security update for rubygem-puma Announcement ID: openSUSE-SU-2020:1001-1 Rating: moderate References: 1172175 1172176 Cross-References: CVE-2020-11076 CVE-2020-11077 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now...

Security update for rubygem-puma (moderate)

openSUSE Security Update: Security update for rubygem-puma Announcement ID: openSUSE-SU-2020:0990-1 Rating: moderate References: 1172175 1172176 Cross-References: CVE-2020-11076 CVE-2020-11077 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now...

CVE-2020-13650

An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery SSRF that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to ...

DEBIAN-CVE-2018-17613

Telegram Desktop aka tdesktop 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol...

UBUNTU-CVE-2018-17613

Telegram Desktop aka tdesktop 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol...

UltimatePOS 2.5 Remote Code Execution Vulnerability

Exploit for php platform in category remote exploits Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link:...

Open Redirect DDoS Tool: UFONet

Open Redirect DDoS Tool UFONet – is a tool designed to launch DDoS attacks against a target, using ‘Open Redirect’ vectors on third party web applications, like botnet. UFONet abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multithreading,...

UBUNTU-CVE-2014-8150

CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL...

Why you should try to join some of the underground hacker forums that are out there

Even if you are considered to be a white hat hacker, you are always still walking a fine line between being a bad guy and a good guy in many people eyes. There are a lot of people out there who believe that there should be no hacking at all being done and everyone who does it should be considered...

NukeSentinel 2.5.05 (nukesentinel.php) File Disclosure Exploit

No description provided by source. !/usr/bin/php File Disclosure Maybe work on other versions. Interesting exploit = if$argc URL: http://www.acid-root.new.fr/ ------------------------------------------------------------------ Usage: $argv0 -url -file Options Example: $argv0 -url...

[badroot.org] The Includer remote commands execution exploit

badroot security includer.cgi remote commands execution vulnerability remote exploit. !/usr/bin/python The Includer remote commands execution exploit v. 2 Exploit by: mozako - mozakoatmyboxdotit Vuln. discovered by: Francisco Alisson C 2005 - badroot security http://www.badroot.org PRIVATE - FUNN...

PerlDesk 1.x SQL-Injection Exploit

Exploit for cgi platform in category web applications ================================== PerlDesk 1.x SQL-Injection Exploit ================================== !/usr/bin/perl Example: kb.cgi?view=0 UNION SELECT 1,3,password,username,3,7 FROM users Exploit is attached. ./pde.pl...

Problem With IP Logging In Invision Power Board?

IPB like many other forum systems logs visitors IP's However I have noticed in the past that people who are surfing through some proxies have their internal private IP logged instead of their "real" IP Address. Here are a few screenshots I took of my LAN IP being logged instead of my internet IP...

KTH Kerberos 4 - Arbitrary Proxy Usage

source: https://www.securityfocus.com/bid/2090/info Kerberos is a widely used network service authentication system. The version of Kerberos developed and maintained by KTH Swedish Royal Institute of Technology contains a vulnerability that may allow/assist in a local or remote root compromise. K...