23 matches found
EUVD-2021-34107
Malicious code in bioql PyPI...
CVE-2021-4265
A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to appl...
CVE-2021-4265
A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to appl...
Cross site scripting
A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to appl...
CVE-2021-4265
CVE-2021-4265 concerns siwapp-ror with a cross-site scripting vulnerability arising from manipulation of unknown processing. The issue is reported as remote in nature and affects an unspecified subset of the product; no vendor/product versions are detailed in the provided documents. A patch is id...
CVE-2021-4265 siwapp-ror cross site scripting
A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to appl...
PT-2022-11653 · Unknown · Siwapp-Ror
Name of the Vulnerable Software and Affected Versions: siwapp-ror affected versions not specified Description: A problem was found in the software, affecting some unknown processing, which can lead to cross site scripting when manipulated. The attack can be initiated remotely. Recommendations: To...
CVE-2021-4265 siwapp-ror cross site scripting
A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to appl...
Malicious code in procore-sample-ror (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2dc6f4838b759013378cffc35f10b117fb48dbf721fb708018ed02ac6ca1eeff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Windows/x86 - XOR/DEC/NOT/ROR encrypted / encoded + null free reverse tcp Shellcode (840 bytes)
Windows/x86 - XOR/DEC/NOT/ROR XDNR encrypted / encoded + null free reverse tcp 192.168.201.11:4444 Shellcode 840 bytes X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion Author: @xen0vas / include...
Ruby: Path traversal in Tempfile on windows OS due to unsanitized backslashes
Hi team, Summary We've noticed that both arguments basename and ext of Tempfile on Windows are vulnerable to a path traversal which could allow unintentional file creation in arbitrary writable directories. Tempfile often has a user control either by basename or ext or both. PoC irbmain:029:0...
Linux/x86 - Random Bytes Encoder + XOR/SUB/NOT/ROR execve(/bin/sh) Shellcode (114 bytes)
Title: Linux/x86 - Random Bytes Encoder + XOR/SUB/NOT/ROR execve/bin/sh Shellcode 114 Author: Xenofon Vassilakopoulos Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 114 bytes SLAE-ID: SLAE - 1314...
Linux/x86 Encoder / Decoder Shellcode (117 bytes)
Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...
ror-varberg.se XSS vulnerability
Vulnerable URL: http://ror-varberg.se/"';-- Details: Description| Value ---|--- Patched:| Yes, at 09.12.2015 Latest check for patch:| 09.12.2015 01:31 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status:...
linux/x86 /bin/sh ROL/ROR Encoded Shellcode
Custom shellcode encoder/decoder that switches between byte ROR and byte ROL 1. Update eRORoROL-encoder.py with your shellcode 2. Run eRORoROL-encoder.py 3. Copy output from eRORoROL-encoder.py and update eRORoROL-decoder.nasm 4. Run eRORoROLcompile.sh -----eRORoROL-encoder.py BEGIN CODE-----...
Ruby on Rails XML Processor YAML Deserialization Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
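Redmine Unspecified Open Redirect Vulnerability
Redmine is web-based project management software developed in Ruby, a cross-platform project management system built on the ROR framework. Redmine does not properly filter user input, allowing an attacker to construct a malicious URI and lure a user into resolving it, which can redirect the user's traffic for phishing and other attacks. 0 Redmine 2.x The vulnerability is fixed in Redmine 2.5.1 or 2.4.5; users are advised to download and use: http://www.redmine.org/...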
Ruby on Rails JSON Processor YAML Deserialization Code Execution
This module exploits a remote code execution vulnerability in the JSON request processor of the Ruby on Rails application framework. This vulnerability allows an attacker to instantiate a remote object, which in turn can be used to execute any ruby code remotely in the context of the application...
Ruby on Rails - JSON Processor YAML Deserialization Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Ruby on Rails JSON Processor YAML...
Ruby on Rails JSON Processor YAML Deserialization Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Ruby on Rails JSON Processor YAML...