RHSA-2021:2561 Red Hat Security Advisory: Red Hat JBoss Web Server 5.5.0 Security release

Bulletin has no description...

GyoiThon - A Growing Penetration Test Tool Using Machine Learning

GyoiThon is a growing penetration test tool using Machine Learning. GyoiThon identifies the software installed on web server OS, Middleware, Framework, CMS, etc... based on the learning data. After that, it executes valid exploits for the identified software using Metasploit. Finally, it generate...

LIFE CMS Directory Traversal

Title: ======= LIFE CMS - Directory Traversal Introduction: ============== Life Educacional comprises a set of online computer tools capable of bringing agility and control in all activities of a teaching institution, whether public or private, or basic, basic, secondary or higher education. It i...

Philex CMS 0.2 Directory Traversal

Title: ======= Philex CMS - Directory Traversal Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment. CMS features va...

Gossamer Threads DBMan 2.0.4 DBMan Information Leakage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1178/info Requesting an invalid database file from a web server implementing Gossamer Threads DBMan scripts will return a CGI error message containing environmental variables to a remote user without any authorization. Th...

DWebPro 3.4.1 Http.ini Plaintext Password Storage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8438/info A vulnerability has been reported to exist in the DWebPro web server software. This problem allows an attacker to view database authentication credentials by accessing a plain text file named 'http.ini'. An...

Mozilla Firefox - Cookie Verification Denial of Service

Mozilla Firefox - Cookie Verification Denial of Service source: https://www.securityfocus.com/bid/62969/info Mozilla Firefox is prone to a denial-of-service vulnerability because it fails to verify the user supplied input. Successfully exploiting this issue will allow an attacker to inject specia...

Google Chrome - Cookie Verification Denial of Service

Google Chrome - Cookie Verification Denial of Service source: https://www.securityfocus.com/bid/58857/info Google Chrome is prone to a denial-of-service vulnerability because it fails to verify the user supplied input. Successfully exploiting this issue will allow an attacker to inject special...

CiscoWorks buffer overflow

TCP/443, TCP/1741 Web server buffer overflow...

SQL Injection Attacks Aimed at Stealing Gaming Credentials, Experts Say

The mass SQL injection attack that has been ongoing for a week or so now is designed mainly to steal credentials for online games and is quite well planned and organized, experts say. The attack, which has been using two specific domains as part of a widespread SQL injection campaign, is targetin...

GoAheaad Webserver Source Code Disclosure Vulnerability

Exploit for windows platform in category remote exploits ======================================================= GoAheaad Webserver Source Code Disclosure Vulnerability ======================================================= Exploit Title: GoAheaad Webserver Source Code Disclosure Vulnerability...

Eye-Fi multiple security vulnerabilities

Multiple vulnerabilities in TCP/59278 Web server...

JVN#80057925: Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"

The Apache HTTP Server is open source web server software. The Apache HTTP Server modules modimap and modimagemap provide server-side imagemap processing capability. The Apache HTTP Server modules modimap and modimagemap are vulnerable to cross-site scripting. Impact An arbitrary script can be...

Directory content leakage in KF Web Server

Invalid processing of 00 in URLs...