CVE-2015-0746
Cisco ACS REST API Denial of Service vulnerability (CVE-2015-0746) affects ACS 5.5(0.46.2). A remote attacker can cause API outages by sending large numbers of requests to the REST API (Bug CSCut62022). Affected component is the REST API; root cause described in Cisco advisory. Remediation status...
CVE-2015-0746
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022...
Web Application Security Scanner Framework: Arachni
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications. It is free, with its source code public and available for review. It is multi-platform, supporting all major operating...
InfluxDB Enum Utility
This module enumerates databases on InfluxDB via the REST API, using the default credentials root:root. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'InfluxDB Enum Utility',...
WP REST API (WP API) <= 1.2 - Post Revision Disclosure
Unauthenticated users could access revisions of published and unpublished posts. Revisions are now only accessible to authenticated users with permission to edit the revision's post...
WordPress WP REST API Plugin <= 1.2 - Post Revision Disclosure
Because of this vulnerability, unpublished content and post revisions can be retrieved via the REST API. Solution Update the plugin...
Sensitive information displayed in anonymous REST API calls
Expected behavior: Block sensitive information from being displayed on anonymous REST API calls in JIRA. Actual behavior: Users' full names are displayed when running the calls below: /user/picker?query= /groupuserpicker?query=ali&showAvatar Default fields and custom fields...
ElasticSearch - Search Groovy Sandbox Bypass (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ElasticSearch Search Groovy Sandbox Bypass', 'Description' => %q This module exploits a remote command execution (RCE) vulnerability in...
MongoDB Unauthenticated REST API (HTTP)
The remote MongoDB REST API is unprotected. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if (description)...
ElasticSearch Search Groovy Sandbox Bypass Exploit
This Metasploit module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.4.3. The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox ca...
MongoDB Unauthenticated REST API Detection
The remote web server is running an unauthenticated REST API for MongoDB, a document-oriented database system. A remote attacker can exploit this API to read arbitrary collections from databases in the system. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(81778);...
ElasticSearch Search Groovy Sandbox Bypass
This module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.4.3. The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox can be bypass...
Facebook Bug Bounty Submissions Climb in 2014
Less than two months into the year and Facebook said it has already validated more than 100 submissions to its bug bounty, demonstrating a consistently growing interest in such programs industry wide. “Report volume is at its highest levels, and researchers are finding better bugs than ever...
CVE-2014-0151
Cross-site request forgery (CSRF) vulnerability in oVirt Engine before 3.5.0 beta2 allows remote attackers to hijack the authentication of users for requests that perform unspecified actions via a REST API request...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in oVirt Engine before 3.5.0 beta2 allows remote attackers to hijack the authentication of users for requests that perform unspecified actions via a REST API request...
CVE-2014-0151
The CVE-2014-0151 CSRF flaw affects oVirt Engine prior to 3.5.0 beta2, enabling a remote attacker to hijack a legitimate user’s session by crafting a page that triggers REST API actions. Root cause is a CSRF vulnerability in the oVirt REST API, with the trusted session reused for unintended reque...
Design/Logic Flaw
The Search REST API in IBM Business Process Manager 8.0.1.3, 8.5.0.1, and 8.5.5.0 allows remote authenticated users to bypass intended access restrictions and perform task-instance and process-instance searches by specifying a false value for the filterByCurrentUser parameter...
CVE-2014-6139
The CVE concerns IBM Business Process Manager (BPM) Search REST API allowing authenticated non-administrative users to bypass access controls by supplying an incorrect filterByCurrentUser value, enabling discovery of task- and process-instances the user should not see. Affected BPM products/versi...