182 matches found
FiverrScript CSRF Vulnerability (Add New Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: FiverrScript CSRF Vulnerability add New admin Author: Mahmoud Gamal @Zombiehelp54 Google Dork: intext:Powered by FiverrScript Date: 10/06/2015 Exploit Author: Scriptolution Vendor Homepage: http://scriptolution.com Software Link...
FiverrScript - Cross-Site Request Forgery (Add Admin)
FiverrScript - Cross-Site Request Forgery Add Admin Exploit Title: FiverrScript CSRF Vulnerability add New admin Author: Mahmoud Gamal @Zombiehelp54 Google Dork: intext:Powered by FiverrScript Date: 10/06/2015 Exploit Author: Scriptolution Vendor Homepage: http://scriptolution.com Software Link:...
FiverrScript - Cross-Site Request Forgery (Add Admin)
Exploit Title: FiverrScript CSRF Vulnerability add New admin Author: Mahmoud Gamal @Zombiehelp54 Google Dork: intext:Powered by FiverrScript Date: 10/06/2015 Exploit Author: Scriptolution Vendor Homepage: http://scriptolution.com Software Link: http://fiverrscript.com Version: 7.2 Tested on:...
BSDI BSD/OS 4.0,FreeBSD 3.2,NetBSD 1.4 x86,OpenBSD 2.5 UFS Secure Level 1 Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/510/info In 4.4BSD derivatives there are four secure levels that provide for added filesystem security among other things over and above the regular unix permission systems. Part of the secure levels are the system of fil...
Regression - "Browse Project" permission for "Reporter" grants users to see projects they are not permitted to.
panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34389. panel Regression of JRA-4935 When i add the "Reporter" to the "Browse Project" Permission of one project. This project instantly becom...
Nmap NSE 6.01: smb-security-mode
Returns information about the SMB security level determined by SMB. Here is how to interpret the output: User-level authentication: Each user has a separate username/password that is used to log into the system. This is the default setup of pretty much everything these days. Share-level...
Grant "Browse Project" permission to "Current Assignee" makes project visible to all users
panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-31720. panel h3. Summary This bug is related to closed bug ticket https://jira.atlassian.com/browse/JRA-8950 When the Current Assignee is giv...
Grant "Browse Project" permission to "Current Assignee" makes project visible to all users
panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report|http://jira.atlassian.com/browse/JRASERVER-31720. panel panel:title=Status Update|borderStyle=solid|borderColor=ff7f7f|titleBGColor=ff7f7f|bgColor=e5e5e5 Hi everyone, We have reviewed...
7: bypass of the security level setting in browser plugin (Deployment, SE-2012-01 Issue 53)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...
CVE-2013-1489
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...
Security feature bypass
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...
CVE-2013-1489
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...
sudo default configuration of the hazard and the local mention of the right of use-vulnerability warning-the black bar safety net
Pixel bun sudo allows a regular user to other users permissionsdefault is rootto perform some or all of the commands, it is a control non-Ops the permission of the good scenarios to put the root to the non-operation and maintenance personnel is quite dangerous a thing, and also a avoid ssh direct...
Mandriva Update for msec MDVA-2010:079 (msec)
Check for the Version of msec OpenVAS Vulnerability Test Mandriva Update for msec MDVA-2010:079 msec Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Mandriva Update for msec MDVA-2010:078 (msec)
Check for the Version of msec OpenVAS Vulnerability Test Mandriva Update for msec MDVA-2010:078 msec Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Mandriva Update for msec MDVA-2010:079 (msec)
Check for the Version of msec OpenVAS Vulnerability Test Mandriva Update for msec MDVA-2010:079 msec Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
JQL not respecting Issue Security Level "Project Lead"
While writing TestIssueSecurityLevel I found the following problem: fred is not a Project Lead HSP-3 has Issue Security Level of "Project Lead" only. empty JQL to show all visible issues doesn't show HSP-3. make fred the Project Lead same query: still no HSP-3 however: fred can browse to HSP-3 an...
JQL not respecting Issue Security Level "Project Lead"
While writing TestIssueSecurityLevel I found the following problem: fred is not a Project Lead HSP-3 has Issue Security Level of "Project Lead" only. empty JQL to show all visible issues doesn't show HSP-3. make fred the Project Lead same query: still no HSP-3 however: fred can browse to HSP-3 an...
Allow issue security level to use any custom field that implements UserCFNotificationTypeAware
panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-18099. panel It would be useful to be able to set the security level on an issue to include everyone who participated on an issue so if you...
Allow issue security level to use any custom field that implements UserCFNotificationTypeAware
panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-18099. panel It would be useful to be able to set the security level on an issue to include everyone who participated on an issue so if you h...