7081 matches found
Command injection
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...
CVE-2021-43283
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...
tomcat: HTTP request smuggling when used with a reverse proxy
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer...
tomcat: HTTP request smuggling when used with a reverse proxy
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer...
Laundry Booking Management System 1.0 - Remote Code Execution Exploit
Exploit Title: Laundry Booking Management System 1.0 - Remote Code Execution RCE Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...
Victure WR1200 操作系统命令注入漏洞
The Victure WR1200 is a router. A security vulnerability exists in the Victure WR1200 1.0.3 and prior versions, which stems from a lack of command filtering and restriction in the device's web interface, resulting in a command injection vulnerability that could be exploited by an attacker to inje...
Laundry Booking Management System 1.0 Remote Code Execution
Exploit Title: Laundry Booking Management System 1.0 - Remote Code Execution RCE Date: 29/11/2021 Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...
Exploit for Path Traversal in Microsoft
CVE-2021-40444 PoC Malicious docx generator to exploit CVE-20...
Exploit for CVE-2021-24086
CVE-2021-24086 This is a proof of concept for CVE-2021-24086...
MixinTransfer.sol#transferFrom Wrong implementation can potentially allows attackers to reverse transfer and cause fund loss to the users
Handle WatchPug Vulnerability details if toKey.tokenId == 0 toKey.tokenId = tokenId; recordOwnerrecipient, tokenId; // Clear any previous approvals clearApprovaltokenId; if previousExpiration = block.timestamp // The recipient did not have a key, or had a key but it expired. The new expiration is...
GHSA-3HFW-X7GX-437C Path traversal in Matrix Synapse
Impact Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory. The last two directories and file name of the path are chosen randomly by Synapse and cannot be...
CVE-2021-41281
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
PYSEC-2021-436
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
CVE-2021-41281
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
Authentication flaw
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
PYSEC-2021-436
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
CVE-2021-41281
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
golang: net/http/httputil: panic due to racy read of persistConn after handler panic
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...
Exploit for Path Traversal in Microsoft
CVE-2021-40444 PoC Malicious docx generator to exploit CVE-20...
openSUSE 15 Security Update : tomcat (openSUSE-SU-2021:1490-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1490-1 advisory. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to...