7082 matches found
Design/Logic Flaw
Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality...
CVE-2020-9444
Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality...
CVE-2020-9444
Zulip Server prior to 2.1.3 is affected by CVE-2020-9444 due to a reverse tabnabbing issue in the Markdown functionality. The root cause is exposed in Zulip’s Markdown handling, allowing an attacker to harness tabnabbing behavior. The vulnerability affects Zulip Server versions before 2.1.3; reme...
Nextcloud: Code injection possible with malformed Nextcloud Talk chat commands
Summary The Nextcloud Talk app allows system administrators to setup chat commands that can be executed in Talk using the "/command" syntax. Users can provide additional arguments to the commands, such as "/calc 1+1" or "/wiki Hello", which are passed to the underlying script using @exec. If...
ThinkPHP - Multiple PHP Injection RCEs (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ThinkPHP Multiple PHP Injection RCEs', 'Description' = %q This module exploits one of two PHP injection vulnerabilities in the ThinkPHP web...
CVE-2019-12520
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
DEBIAN-CVE-2019-12520
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
UBUNTU-CVE-2019-12520
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
CVE-2019-12520
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
Cross site request forgery (csrf)
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
CVE-2019-12520
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
CVE-2019-12520
CVE-2019-12520 affects Squid (versions up to 4.7 and 5.x per the sources). The vulnerability arises when Squid handles a request by computing an MD5 hash of the absolute URL to check the cache; if the URL includes a decoded UserInfo (username:password), that info is prepended to the domain. An at...
CVE-2019-12520
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo...
OSX Meterpreter, Reverse TCP Stager with UUID Support (OSX x64)
Inject the mettle server payload staged. Connect back to the attacker with UUID Support OSX x64 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 204 include...
OS X dup2 Command Shell, Reverse TCP Stager with UUID Support (OSX x64)
dup2 socket in edi, then execve. Connect back to the attacker with UUID Support OSX x64 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 204 include Msf::Payload::Osx::ReverseTcpx64...
Fedora: Security Advisory for haproxy (FEDORA-2020-16cd111544)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Serverless Prey - Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions
Serverless Prey is a collection of serverless functions FaaS, that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying container: Panther: AWS Lambda written in Node.js Cougar: Azure Function written in C Cheetah: Google...
Unauthorized Reverse Proxy Connection
The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9...
Man-in-the-Middle (MitM)
httpd is vulnerable to man-in-the-middle MiTM. The vulnerability exists as it was discovered that the fix for CVE-2011-3368 released via RHSA-2011:1391 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly...
Denial Of Service (DoS)
The Apache HTTP Server is vulnerable to Denial of Service DoS. A denial of service flaw was found in the Apache modproxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time...