CVE-2016-3952

web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/templateexamples/beautify. NOTE: this issue can be leveraged by remote attackers to gain administrative access...

CVE-2016-3952

web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/templateexamples/beautify. NOTE: this issue can be leveraged by remote attackers to gain administrative access...

CVE-2016-3952

web2py (standalone) before 2.14.1 is affected by CVE-2016-3952: an attacker can request examples/template_examples/beautify to obtain environment variable values, which can be leveraged to gain administrative access. The issue aligns with documented exposure of sensitive information in web2py-rel...

Twisted: sets environmental variable based on user supplied Proxy request header

It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...

CVE-2017-3160

After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity...

CVE-2017-3160

After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity...

CVE-2017-1000408

A memory leak in glibc 2.1.1 released on May 24, 1999 can be reached and amplified through the LDHWCAPMASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

CVE-2017-1000408

A memory leak in glibc 2.1.1 released on May 24, 1999 can be reached and amplified through the LDHWCAPMASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

The vulnerability of the mod_auth_digest module in the Apache HTTP Server’s httpd daemon allows a hacker to gain access to confidential information or cause service interruptions.

The vulnerability of the modauthdigest module in the Apache HTTP Server’s httpd daemon arises from incorrect initialization of a variable. Exploiting this vulnerability can allow an attacker to gain access to confidential information or cause service failures...

SquirrelMail < 1.4.7 - Arbitrary Variable Overwrite Vulnerability

Exploit for php platform in category web applications SquirrelMail Arbitrary Variable Overwrite Vendor: SquirrelMail Product: SquirrelMail Version: = 1.4.7 Website: http://www.squirrelmail.org BID: 19486 CVE: CVE-2006-4019 OSVDB: 27917 SECUNIA: 21354 Description: SquirrelMail is a standards-based...

X-Cart < 4.1.3 - Arbitrary Variable Overwrite Vulnerability

Exploit for php platform in category web applications X-Cart Arbitrary Variable Overwrite Vendor: Qualiteam Product: X-Cart Version: $value $$var = $value; As we can see every single post variable is dynamically evaluated. This is especially dangerous because register globals and magic q...

Microsoft Edge Chakra JIT Loop Analysis Bug

Microsoft Edge: Chakra: JIT: Loop analysis bug CVE-2018-0777 Here's the PoC demonstrating OOB write. function optarr, start, end for let i = start; i end; i++ if i === 10 i += 0; // -- a arri = 2.3023e-320; function main let arr = new Array100; arr.fill1.1; for let i = 0; i 1000; i++ optarr, 0, 3...

CVE-2018-5709

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable "dbentry-nkeydata" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect...

MIT Kerberos5 <= 1.16 Multiple Vulnerabilities

MIT Kerberos5 is prone to a Denial of Service DoS and an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2018-5715

phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string aka a $key variable...

Design/Logic Flaw

phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string aka a $key variable...

CVE-2018-5715

phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string aka a $key variable...

CVE-2018-5715

SugarCRM 3.5.1 is vulnerable to Cross-Site Scripting via phprint.php due to improper handling of the GET parameter name ($key) in the query string. The root cause is that the $key values are not encoded when constructing the query string, enabling injection of arbitrary JavaScript into the victim...

Design/Logic Flaw

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable "dbentry-nkeydata" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect...

CVE-2018-5709

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable "dbentry-nkeydata" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect...