11 matches found
[SECURITY] Fedora 36 Update: golang-github-path-network-mmproxy-2.1-4.fc36
go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol also adopted by other projects such as NGINX so that the network connection to the end server comes from client's - instead of proxy server's - IP address and port number...
Proton Cross-Site Scripting Vulnerability
Proton is a standalone application by the individual developer steventhanna that uses Electron to quickly preview and edit Markdown files. A security vulnerability exists in Proton version v0.2.0 that originates from allowing the creation of malicious links in markdown files...
ModSecurity Security Vulnerability
ModSecurity is an intrusion detection and blocking engine that can be run as a module of the Apache Web Server or as a standalone application to enhance Web application security and protect Web applications from known and unknown attacks. A security vulnerability exists in ModSecurity 3.0.4 prior...
Evilginx v2.0 - Standalone Man-In-The-Middle Attack Framework Used For Phishing Login Credentials Along With Session Cookies, Allowing For The Bypass Of 2-Factor Authentication
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide...
Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
[Hardanger] Web Application Penetration Testing Platform
Hardanger is an Open Source web application penetration testing tool led by security researchers from SecurityWire. The project aims to bridge the gap between current open source web application testing tools commonly used in a Linux environment and bring the same level of tools to native Windows...
SAMHAIN v2.8.5 - intrusion detection system
The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...
Cross-Site Scripting and Open Redirection vulnerability in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting and Open Redirection. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.10.3 and below Vulnerability Type:...
eEye Retina Wireless Scanner (Standalone) Detection
Retina Wireless Scanner is installed on the remote host. This program is currently installed as a standalone application. Please note it is no longer distributed in this manner, and is now included with Retina Network Security Scanner. (C) Tenable Network Security, Inc. include("compat.inc"); if...
XSS and SQL injection vulnerabilities in extension "phpMyAdmin" (phpmyadmin)
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to XSS and SQL injections. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.3.0 and all versions below Vulnerability Type: Cross-Site...
CVE-2005-2267
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone...