198 matches found
SUSE-SU-2021:3335-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. bsc1190703 - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. bsc1190702 - CVE-2021-39275: Fixed an out-of-bounds write in apescapequotes via malicious inpu...
USN-5090-3: Apache HTTP Server regression
USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...
CVE-2021-40438 mod_proxy SSRF
A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2021-34630
In the Pro and Enterprise versions of GTranslate 2.8.65, the gtranslaterequesturivar function runs at the top of all pages and echoes out the contents of $SERVER'REQUESTURI'. Although this uses addslashes, and most modern browsers automatically URLencode requests, this plugin is still vulnerable ...
MGASA-2021-0314 Updated httpcomponents-client packages fix a security vulnerability
Priyank Nigam discovered that HttpComponents Client could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution CVE-2020-13956...
CVE-2021-32637 Authentication bypassed with malformed request URI
Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngxhttpauthrequestmodule with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could theoretically affect...
CVE-2021-20289
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...
keycloak: Default Client configuration is vulnerable to SSRF using "request_uri" parameter
A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the OIDC parameter requesturi. This flaw allows an attacker to use this parameter to execute a Server-side request forgery SSRF attack...
keycloak: Default Client configuration is vulnerable to SSRF using "request_uri" parameter
A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the OIDC parameter requesturi. This flaw allows an attacker to use this parameter to execute a Server-side request forgery SSRF attack...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
PT-2020-12318 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions prior to 13.0.0 Description: A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the OIDC parameter request uri. This flaw allows an attacker to use this parameter to...
[SECURITY] [DLA 2405-1] httpcomponents-client security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2405-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 10, 2020 https://wiki.debian.org/LTS -...
Zoho ManageEngine Directory Traversal (CVE-2020-12116)
A directory traversal vulnerability exists in ManageEngine OpManager. This vulnerability is due to improper validation of user input in the request URI...
Internet Bug Bounty: Cache Manager ACL Bypass
Summary: ACL Manager can be bypassed giving non authorized users to squid-internal-mgr. Possible to bypass other urlregex, but only focused on manager. with the hostname of the server running squid echo -e "GET https://jeriko.one%252f@:3128/squid-internal-mgr/activerequests HTTP/1.1\r\n\r\n" |nc...
CVE-2019-19491
TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...
Fedora 28 : php-zendframework-zend-feed (2018-7da5983771)
2.10.3 - 2018-08-01 Added - Nothing. Changed - This release modifies how Zend\Feed\Pubsubhubbub\AbstractCallback::detectCallbac kUrl marshals the request URI. In prior releases, we would attempt to inspect the X-Rewrite-Url and X-Original-Url headers, using their values, if present. These headers...
Nextcloud: Content spoofing on https://surveyserver.nextcloud.com
Hi NextCloud team, the https://surveyserver.nextcloud.com domain is vulnerable against content spoofing in the forbidden page due to the fact that the request URI is reflected without validation inside the aforementioned page. 1. Go on...
phpMyAdmin index.php Local File Inclusion (CVE-2018-12613)
A local file inclusion vulnerability exists in phpMyAdmin. The vulnerability is due to improper sanitization of the request URI. A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation could lead to information...
CVE-2018-17039
MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $SERVER'REQUESTURI' is mishandled...
MiniCMS Cross-Site Scripting Vulnerability (CNVD-2018-19748)
MiniCMS is a mini content management system CMS designed for personal websites. A cross-site scripting vulnerability exists in MiniCMS version 1.10, which stems from the program's failure to properly handle $SERVER'REQUESTURI'. A remote attacker can inject arbitrary web script or HTML with the he...