Mozilla Firefox 跨站脚本漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox has a cross-site scripting vulnerability that stems from the fact that the product does not effectively filter the special characters in the Url in the QR code, which can be exploited by attackers to execut...

PT-2021-7412 · Mozilla +1 · Firefox For Android +1

Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 94 Description: A Universal XSS issue exists due to improper sanitization when processing a URL scanned from a QR code, allowing a remote attacker to conduct a cross-site scripting XSS attack. This issue...

Police Crime Record Management System 1.0 - 'casedetails' SQL Injection

Exploit Title: Police Crime Record Management System 1.0 - 'casedetails' SQL Injection Date: 12/08/2021 Exploit Author: Ömer Hasan Durmuş Software Link: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Version: v1.0 Category: Webapps Tested on: Linux/Windows Ste...

Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once. Purpose Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because...

403Fuzzer - Fuzz 403/401Ing Endpoints For Bypasses

Fuzz 403ing endpoints for bypasses Follow on twitter! @intrudir This tool will check the endpoint with a couple of headers such as X-Forwarded-For It will also apply different payloads typically used in dir traversals, path normalization etc. to each endpoint on the path. e.g. /%2e/test/test2...

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

CVE-2021-25333

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code...

Samsung Pay mini 信息泄露漏洞

Samsung Pay mini is a mobile application from Samsung South Korea. It provides a mobile payment function. An information disclosure vulnerability exists in the Samsung Pay mini application prior to v4.0.14, which allows unauthorized users to access balance information by scanning a specific QR co...

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

Arbitrary File Upload

Dolibarr is vulnerable to arbitrary file upload. A user with read access privilege to the storage of files is able to perform unrestricted uploading of files once edited from "disabled" to "enabled" in the HTML response code in societe/document.php...

CVE-2020-1710

A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400. Mitigation There is currently no known...

CVE-2020-8213

CVE-2020-8213 affects UniFi Protect; information disclosure allows unauthenticated attackers to enumerate valid usernames via HTTP response behavior and timing in versions before 1.13.4-beta.5. Root cause: mis-handling of authentication/response timing revealing usernames (per the sources). Impac...

GSA Bounty: Denial of service via cache poisoning on https://www.data.gov/

An attacker can persistently block access to any on https://www.data.gov/ by using cache poisoning with the h0st headers to cause 502 response code。 To replicate: load https://www.data.gov/ in your browser. look the burp , add ?xyzxyz=1 as cache buster , and add h0st headers h0st: wrtqvavjigwdvoq...

esp-v2:service_control_filter_fuzz_test: Global-buffer-overflow in google::api_proxy::service_control::set_response_code_class

Project: https://github.com/GoogleCloudPlatform/esp-v2.git Detailed Report: https://oss-fuzz.com/testcase?key=5753507539058688 Project: esp-v2 Fuzzing Engine: libFuzzer Fuzz Target: servicecontrolfilterfuzztest Job Type: libfuzzerasanesp-v2 Platform Id: linux Crash Type: Global-buffer-overflow RE...

CVE-2018-3899

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

Yi Home Camera Code Execution Vulnerability

Yi Home Camera is an IoT home camera sold worldwide. A code execution vulnerability exists in the QR code scanning feature in Yi Home Camera 27US 1.8.7.0D. The vulnerability can be exploited to cause a buffer overflow via a specially crafted QR code, which can be used for code execution...

CVE-2018-1000007

libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is...

YesWiki 0.2 - 'squelette' Directory Traversal

Exploit Title: YESWIKI 0.2 - Path Traversal Date: 2015-09-02 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: http://yeswiki.net Software Link: https://github.com/YesWiki/yeswiki Version: yeswiki 0.2 Tested on: Debian Wheezy CVE : none...

HTTPNetworkSniffer - Http Sniffer Utility

HTTPNetworkSniffer is a packet sniffer tool that captures all HTTP requests/responses sent between the Web browser and the Web server and displays them in a simple table. For every HTTP request, the following information is displayed: Host Name, HTTP method GET, POST, HEAD, URL Path, User Agent,...

Coinbase: Coinbase Android Application - Bitcoin Wallet Leaks OAuth Response Code

Hi, There's a simple bug here, the Coinbase Android App. "BitCoin Wallet" leaks the OAuth Response Code which can be obtained using adb logcat -s Coinbase command line for testing, and any Android application on the same phone can read the response code for the user by reading the logs. As of now...