1317 matches found
CVE-2016-6624
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the...
CVE-2016-6624
CVE-2016-6624 affects phpMyAdmin: IPv6 in proxy setups can bypass IP-based authentication when the proxy is allowed but the client is not. Affected versions are 4.6.x before 4.6.4, 4.4.x before 4.4.15.8, and 4.0.x before 4.0.10.17. The vulnerability allows the attacking host to connect despite IP...
squid security update
CentOS Errata and Security Advisory CESA-2016:2600 An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Easy Internet Sharing Proxy Server 2.2 - SEH Overflow (Metasploit) Exploit
Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Easy Internet Sharing Proxy Server 2.2 SEH buffer Overflow',...
RHEL 7 : squid (RHSA-2016:2600)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2600 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have...
IBM WebSphere Application Server 7.0 < 7.0.0.39 Multiple Vulnerabilities (FREAK)
Binary data 9700.prm...
IBM WebSphere Application Server 8.0 < 8.0.0.11 Multiple Vulnerabilities (FREAK)
Binary data 9713.prm...
IBM WebSphere Application Server 8.5 < 8.5.5.6 Multiple Vulnerabilities (FREAK)
Binary data 9716.prm...
For a certain APP vulnerability discovery(capture+reverse=dig to the maximum vulnerability)-vulnerability warning-the black bar safety net
! Author: think twice journey Royalties:300RMB(not taking you to the contributor!) Submission methods: send an email to linwei3 6 0. cn, or visit the web version of the online submission Written on the front I learn penetration testing, mainly Web direction in a few months, and now was just getti...
CVE-2016-4694
The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an...
WinSMS 3.43 Local Privilege Escalation
Exploit Title: WinSMS 3.43 Local Privilege Escalation Date: 13/09/2016 Exploit Author: Tulpa Contact: [email protected] Author website: www.tulpa-security.com Vendor Homepage: http://www.winsms.co.za Software Link: https://www.winsms.co.za/products/bulk-sms-desktop-software/ Version:...
Raptor Web Application Firewall
Raptor Web Application Firewall Raptor Web Application Firewall is a simple web application firewall made in C, using KISS principle , to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path...
Security Advisory - Multiple Security Vulnerabilities in Huawei HiSuite
Huawei HiSuite PC client software has an information leak vulnerability. The software provides the function for configuring the proxy server. The password textbox on the proxy configuration UI do not disable the password copy function. An attacker who can log in to the system can copy out the...
proxy.its.virginia.edu XSS vulnerability
Vulnerable URL: https://www.proxy.its.virginia.edu:8443/ezproxy/auth.cgi?url=x%22%3E%3CsvG%20onLoad=prompt%28/openbugbounty/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.09.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
FreeBSD : phpmyadmin -- multiple vulnerabilities (ef70b201-645d-11e6-9cdc-6805ca0b3d42)
The phpmyadmin development team reports : Weakness with cookie encryption Multiple XSS vulnerabilities Multiple XSS vulnerabilities PHP code injection Full path disclosure SQL injection attack Local file exposure Local file exposure through symlinks with UploadDir Path traversal with SaveDir and...
Amazon Linux AMI : golang (ALAS-2016-731) (httpoxy)
An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable 'HTTPPROXY' using the incoming 'Proxy' HTTP-request header. The environment variable 'HTTPPROXY' is used by numerous web clients, including Go's net/http package,...
phpmyadmin -- multiple vulnerabilities
The phpmyadmin development team reports: Weakness with cookie encryption Multiple XSS vulnerabilities Multiple XSS vulnerabilities PHP code injection Full path disclosure SQL injection attack Local file exposure Local file exposure through symlinks with UploadDir Path traversal with SaveDir and...
Raptor WAF v0.2 - Web Application Firewall using DFA
Raptor WAF is a simple web application firewall made in C, using KISS principle, to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path traversal. No more words, look at the following : WAF...
Squid Incompletely Fixes Remote Buffer Overflow Vulnerability
Squid is a suite of proxy server and web caching server software. A remote buffer overflow vulnerability exists in Squid. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application...
RedHat Update for squid RHSA-2016:1573-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...