8 matches found
EUVD-2020-8972
Malware in sbrugna...
PT-2025-31396 · 'Реак Софт' · Esia-Bridge
Уязвимость шлюза интеграции с ЕСИА ESIA-Bridge связана с обходом аутентификации посредством спуфинга. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию путём перенаправления пользователя на специально сформированную HTML-страницу...
Linux Distros Unpatched Vulnerability : CVE-2024-7020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page...
The vulnerability of the Grafana data visualization web tool, related to bypassing authentication through spoofing, allows attackers to gain full access to the user account.
The vulnerability of the Grafana data visualization web tool is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability can allow a malicious actor to gain full access to the user account...
Email Subscribers & Newsletters < 4.5.6 - Unauthenticated email forgery/spoofing
It allows a remote unauthenticated attacker to send forged emails to all recipients from the available lists of contacts or subscribers, with complete control over the content and subject of the email. POST /wp-admin/admin-ajax.php HTTP/1.1 Host: example.com Content-Type:...
adnforums-insecure.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- adnforum eNYe-Sec - www.enye-sec.org Cookie is base64 based and the ascii format used is: user:23ed4e45887ad4311ff654bd4aab6540:user:0 user:md5 pass:user:0 Programmer forgot to check the pass and only use the nick to autenticate the user...
malwareSpoof.txt
Tuesday, January 27, 2004 Trivial file spoofing in Internet Explorer 6.0.2800.1106 and all of 'its' patches to date on WIN XP probably others: Content-Disposition: attachment; filename=malware.3050f4d8-98B5- 11CF-BB82-00AA00BDCE0Bfunballgitespiethrow%2Empeg" Absolute bare minimum working demo...
mtr 0.45, 0.46
Few days ago, a new version of mtr has been released. Authors wrote in CHANGELOG, that they fixed a non-exploitable buffer overflow. In fact, this vulnerability is very easly exploitable and allows attacker to gain access to raw socket, which makes possible ip spoofing and other malicious network...