367 matches found
SSL Server Error Detection
Binary data 8284.prm...
CVE-2013-2074
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message...
Default credentials
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message...
Web Client Plug-in error: “invalid Single Sign-On token”
Challenge When a new user of the vSphere web client attempts to access the Veeam Web Client Plug-in, they encounter the following error: Server error: Failed to login to Veeam Backup Enterprise Manager. Login failed due to invalid Single Sign-On token Cause To successfully obtain statistics from...
format_string
This plugin finds format string bugs. Users should know that detecting a format string vulnerability is only possible if the server is configured to return errors and the application is developed in cgi-c or some other language that allows the programmer to make this kind of mistake. Plugin...
Information disclosure
IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to obtain sensitive stack-trace information from CM server error messages via an invalid parameter...
XSS vulnerability in default 'internal server error' page
We have identified and fixed a reflected cross-site scripting (XSS) vulnerability in the Bamboo default 'internal server error' page. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...
“Server Error in '/' Application” After Installing/Upgrading Backup Enterprise Manager
“Server Error in '/' Application” After Installing/Upgrading Backup Enterprise Manager...
IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities
IBM WebSphere Application Server 8.0 before Fix Pack 1 appears to be running on the remote host and is potentially affected by the following vulnerabilities : - An open redirect vulnerability exists related to the 'logoutExitPage' parameter. This can allow remote attackers to trick users into...
RPC function call failed. The RPC server is unavailable. w/ Application-Aware Processing
Challenge A Backup or Replication job utilizing Application-Aware Processing fails with the error: RPC error:The RPC server is unavailable. Code: 1722 Cause Possible causes include, organized from most common to rarest: The ports that Veeam Backup & Replication is attempting to use are blocked by...
CVE-2011-2680
Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response."...
CVE-2011-2680
CVE-2011-2680 affects IBM Rational DOORS Web Access 1.4.x before 1.4.0.4. The description is explicit that impact is unknown and that there are remote attack vectors related to the server error response. The NVD entry assigns a high base score (10.0) with network attack vector, no authentication,...
ECshop payment methods 0day manual injection EXP-vulnerability warning-the black bar safety net
ECshop payment methods 0day manual injection of the study The original EXP: respond. php? code=tenpay&attach=voucher&spbillno=1 andselect 1 fromselect count,concatselect select SELECT concat0x7e,0x27,count,0x27,0x7e FROM ecs. ecsadminuser from the informationschema. tables limit 0,1,floorrand02x...
nginx File Type Error parsing vulnerability-vulnerability warning-the black bar safety net
Vulnerability description: nginx is a high-performance web server in very wide use; it is often used as a reverse proxy and also supports running PHP well. 80sec found a more serious security issue that by default could lead to a server error of th...
Phenotype CMS 2.8 - login.php?user Blind SQL Injection
Phenotype CMS 2.8 - login.php?user Blind SQL Injection Phenotype v2.8 Blind Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina...
Mortbay Jetty Denial Of Service
?php Mortbay Jetty = 7.0.0-pre5 Dispatcher Servlet DoS Affected Software: Jetty 6.1.16, 7.0.0.pre5 all platforms Author: Ikki http://blog.nibblesec.org/ Description: The dispatcher servlet com.acme.DispatchServlet is prone to a DoS vulnerability. This example servlet is meant to be used as a...
Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet - Denial of Service
Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet - Denial of Service ?php Mortbay Jetty = 7.0.0-pre5 Dispatcher Servlet DoS Affected Software: Jetty 6.1.16, 7.0.0.pre5 all platforms Author: Ikki http://blog.nibblesec.org/ Description: The dispatcher servlet com.acme.DispatchServlet is prone to a DoS...
Viart shopping cart 3.5 - Multiple Vulnerabilities
Viart shopping cart 3.5 - Multiple Vulnerabilities =============================================================== !vuln ViArt Shopping Cart v3.5 is prone to multiple remote vulnerabilities. Earlier versions may also be affected. ===============================================================...
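Microsoft Exchange OWA Long Username Denial of Service Vulnerability
The Outlook Web Access (OWA) component of Microsoft Exchange has a denial-of-service vulnerability. When a login is attempted with many "%" characters as the username and password, OWA returns an HTTP 500 - Internal server error message. Users will then be unable to log in through IE. The WWW Publishing Service and the IIS Admin Service are reported to stop responding. Microsoft Exchange Server 5.5 SP4 Microsoft Exchange Server 5.5 SP3 Microsoft Exchange Server 5.5 SP2 Microsoft Exchange Server 5.5 SP1 Microsoft...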