Lucene search
K

24 matches found

Debian CVE
Debian CVE
added 2024/08/14 8:12 p.m.13 views

CVE-2024-42353

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the...

6.1CVSS6.1AI score0.00497EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2024/08/14 5:48 p.m.24 views

WebOb's location header normalization during redirect leads to open redirect

Impact When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the start of a string as a URI without a scheme, and th...

6.1CVSS6.5AI score0.00497EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.4 views

PT-2024-6608

Name of the Vulnerable Software and Affected Versions: WebOb versions prior to 1.8.8 Description: The issue is related to the handling of HTTP Location headers in WebOb, where the urlparse and urljoin functions can be exploited to redirect users to arbitrary URLs. This occurs when the urlparse...

6.4CVSS6.6AI score0.00497EPSS
Exploits1References48
seebug.org
seebug.org
added 2015/09/29 12:0 a.m.19 views

ZeusCart 4 信息泄漏漏洞

No description provided by source. !/usr/bin/env python coding: utf-8 from urlparse import urljoin from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '11111 ' vul ID version = '1' author = 'Disorder' vulDate =...

7.1AI score
Exploits0
Rows per page
Query Builder