7082 matches found
Brute force attacks increase due to more open RDP ports
While leaving your back door open while you are working from home may be something you do without giving it a second thought, having unnecessary ports open on your computer is a security risk that is sometimes underestimated. Thats because an open port can be subject to brute force attacks. What...
golang: data race in certain net/http servers including ReverseProxy can lead to DoS
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...
Taken - Takeover AWS Ips And Have A Working POC For Subdomain Takeover
Takeover AWS ips and have a working POC for Subdomain Takeover. Idea is simple Get subdomains. Do reverse lookups to only save AWS ips. Restart EC2 instance every min. and public ip gets rotated on each restart. Match it with your existing list of subdomain ips and you have a working subdomain...
GHSA-3X8C-FMPC-5RMQ Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint
Impact The fallback authentication endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other...
Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint
Impact The fallback authentication endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other...
CS-Cart 1.3.3 - authenticated RCE
Exploit Title: CS-Cart authenticated RCE Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.3 Vulnerability Type: authenticated RCE get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell edit ...
aaPanel 6.6.6 - Privilege Escalation & Remote Code Execution (Authenticated)
Exploit Title: aaPanel 6.6.6 - Authenticated Privilege Escalation Google Dork: Date: 04.05.2020 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.aapanel.com/ Software Link: https://github.com/aaPanel/aaPanel Version: 6.6.6 REQUIRED Tested on: Linux ubuntu 4.4.0-131-gener...
Exploit for OS Command Injection in Webmin
CVE-2019–15107 - Unauthenticated RCE Webmin =1.920 This...
Nuubi Tools - Information Ghatering, Scanner And Recon
Nuubi Tools: Information-ghatering|Scanner|Recon Options: -h/--help | Show help message and exit Arguments: -b/--banner | Banner grabing of target ip address -s/--subnet | Subnetlookup of target -c/--cms | Cms detect with headers -d/--dns | Dnslookup of target domain -e/--extract | Extract links...
Exploit for Code Injection in Nette Application
CVE-2020-15227 ============== DISCLAIMER! I take no responsibil...
Exploit for Code Injection in Nette Application
CVE-2020-15227 ============== DISCLAIMER! I take no responsibil...
golang: data race in certain net/http servers including ReverseProxy can lead to DoS
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...
squid security update
7:3.5.20-17.4 - Resolves: 1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: 1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: 1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache...
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request
Impact Information Disclosure When the GET method is attacked, attackers can read files which have a .data suffix and which are accompanied by a JSON file with the .meta suffix. This can lead to Information Disclosure and in some shared-hosting scenarios also to circumvention of authentication or...
ALPINE-CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
DEBIAN-CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
Authorization
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
UBUNTU-CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...