Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!
Sie können durch Schliessen dieses Fensters natürlich mit AdBlocker weitermachen - wenn Sie mit dieser Schuld leben können .... es liegt an Ihnen - AdBlocker abschalten und ruhig schlafen können oder mit AdBlocker weitermachen und von übelsten Albträumen gequält werden!
Wir haben Sie gewarnt ....
Search - Review
plg_search_jdownloads
Search - K2
Suche - Kategorien
Suche - Kontakte
Suche - Inhalt
Suche - Newsfeeds
Suche - Schlagwörter
Script Security (4)
Im Sinne der Aktualität sind diese News grösstenteils in englischer Sprache. Falls nötig, bitte die Übersetzungsfunktion verwenden.
-
Red Hat Security Advisory 2020-4134-01
Ruby Files ≈ Packet Storm Sep 30, 2020 | 15:52 pmRed Hat Security Advisory 2020-4134-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2020-3574-01
Ruby Files ≈ Packet Storm Aug 27, 2020 | 22:29 pmRed Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2020-3358-01
Ruby Files ≈ Packet Storm Aug 6, 2020 | 17:07 pmRed Hat Security Advisory 2020-3358-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
OpenEMR 5.0.1 Remote Code Execution
Ruby Files ≈ Packet Storm Aug 3, 2020 | 16:52 pmOpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.
Read more... -
Ruby On Rails 5.0.1 Remote Code Execution
Ruby Files ≈ Packet Storm Jul 27, 2020 | 18:38 pmRuby On Rails version 5.0.1 remote code execution exploit.
Read more... -
Red Hat Security Advisory 2020-2839-01
Ruby Files ≈ Packet Storm Jul 7, 2020 | 16:18 pmRed Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
Read more... -
Red Hat Security Advisory 2020-2769-01
Ruby Files ≈ Packet Storm Jun 30, 2020 | 18:04 pmRed Hat Security Advisory 2020-2769-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
Read more... -
Keystone 0.9.2
Ruby Files ≈ Packet Storm Jun 23, 2020 | 21:24 pmKeystone is a lightweight multi-platform, multi-architecture assembler framework. Highlight features include multi-architecture, with support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ, and X86 (include 16/32/64bit). It has a clean and lightweight architecture-neutral API. It's implemented in C/C++ languages,[…]
Read more... -
Red Hat Security Advisory 2020-2480-01
Ruby Files ≈ Packet Storm Jun 10, 2020 | 15:12 pmRed Hat Security Advisory 2020-2480-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2020-2288-01
Ruby Files ≈ Packet Storm May 26, 2020 | 14:42 pmRed Hat Security Advisory 2020-2288-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
Read more...
Published in: Script Security
-
Ubuntu Security Notice USN-4586-1
PHP Files ≈ Packet Storm Oct 21, 2020 | 21:38 pmUbuntu Security Notice 4586-1 - It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service.
Read more... -
Visitor Management System In PHP 1.0 SQL Injection
PHP Files ≈ Packet Storm Oct 20, 2020 | 20:12 pmVisitor Management System in PHP version 1.0 suffers from an authenticated remote SQL injection vulnerability.
Read more... -
ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution
PHP Files ≈ Packet Storm Oct 19, 2020 | 16:03 pmReQuest Serious Play F3 Media Server version 7.0.3 suffers from an unauthenticated remote code execution vulnerability. Abusing the hidden ReQuest Internal Utilities page (/tools) from the services provided, an attacker can exploit the Quick File Uploader (/tools/upload.html) page and upload[…]
Read more... -
Ubuntu Security Notice USN-4583-1
PHP Files ≈ Packet Storm Oct 14, 2020 | 20:14 pmUbuntu Security Notice 4583-1 - It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04[…]
Read more... -
Typesetter CMS 5.1 Remote Code Execution
PHP Files ≈ Packet Storm Oct 7, 2020 | 16:14 pmTypesetter version 5.1 is vulnerable to code execution via /index.php/Admin/Uploaded. An attacker can exploit this by uploading a zip that contains a malicious php file inside. After extracting the zip file containing the malicious php file, it is possible to[…]
Read more... -
SpamTitan 7.07 Remote Code Execution
PHP Files ≈ Packet Storm Oct 5, 2020 | 17:38 pmSpamTitan version 7.07 suffers from an unauthenticated remote code execution vulnerability in snmp-x.php.
Read more... -
SpinetiX Fusion Digital Signage 3.4.8 Path Traversal
PHP Files ≈ Packet Storm Oct 1, 2020 | 15:03 pmSpinetiX Fusion Digital Signage version 3.4.8 suffers from an authenticated path traversal vulnerability. Input passed via several parameters in index.php script is not properly verified before being used to create and delete files. This can be exploited to write backup[…]
Read more... -
MaraCMS 7.5 Remote Code Execution
PHP Files ≈ Packet Storm Sep 28, 2020 | 16:01 pmThis Metasploit module exploits an arbitrary file upload vulnerability in MaraCMS versions 7.5 and below in order to execute arbitrary commands. The module first attempts to authenticate to MaraCMS. It then tries to upload a malicious PHP file to the[…]
Read more... -
Visitor Management System In PHP 1.0 Cross Site Scripting
PHP Files ≈ Packet Storm Sep 22, 2020 | 18:30 pmVisitor Management System in PHP version 1.0 suffers from an unauthenticated persistent cross site scripting vulnerability.
Read more... -
Visitor Management System In PHP 1.0 SQL Injection
PHP Files ≈ Packet Storm Sep 22, 2020 | 18:29 pmVisitor Management System in PHP version 1.0 suffers from a remote SQL injection vulnerability.
Read more...
Published in: Script Security
-
D-Link DSR-250N Denial Of Service
CGI Files ≈ Packet Storm Oct 8, 2020 | 16:50 pmRedTeam Pentesting discovered a denial of service vulnerability in the D-Link DSR-250N device which allows unauthenticated attackers in the same local network to execute a CGI script that reboots the device. Version 3.12 is confirmed affected.
Read more... -
Ubuntu Security Notice USN-4569-1
CGI Files ≈ Packet Storm Oct 5, 2020 | 17:21 pmUbuntu Security Notice 4569-1 - It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity injection attack. It was discovered that Yaws mishandled certain input when[…]
Read more... -
Sony IPELA Network Camera Remote Stack Buffer Overflow
CGI Files ≈ Packet Storm Oct 1, 2020 | 15:09 pmSony IPELA Network Camera SNC-DH120T version 1.82.01 suffers from a remote stack buffer overflow vulnerability. The vulnerability is caused due to a boundary error in the processing of received FTP traffic through the FTP client functionality (ftpclient.cgi), which can be[…]
Read more... -
TP-Link Cloud Cameras NCXXX Bonjour Command Injection
CGI Files ≈ Packet Storm Sep 18, 2020 | 17:11 pmTP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place[…]
Read more... -
Go CGI / FastCGI Transport Cross Site Scripting
CGI Files ≈ Packet Storm Sep 2, 2020 | 15:00 pmThe CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return non-HTML data as HTML. This may lead to cross site scripting[…]
Read more... -
Geutebruck testaction.cgi Remote Command Execution
CGI Files ≈ Packet Storm Aug 17, 2020 | 17:40 pmThis Metasploit module exploits an authenticated arbitrary command execution vulnerability within the 'server' GET parameter of the /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions
Read more... -
Cayin CMS NTP Server 11.0 Remote Code Execution
CGI Files ≈ Packet Storm Jun 18, 2020 | 16:04 pmThis Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 and below. The code execution is executed in the system_service.cgi file's ntpIp Parameter. The field is limited in size, so repeated requests are made to[…]
Read more... -
Cayin Content Management Server 11.0 Root Remote Command Injection
CGI Files ≈ Packet Storm Jun 4, 2020 | 19:29 pmCAYIN CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP POST parameter in system.cgi page.
Read more... -
Cayin Signage Media Player 3.0 Root Remote Command Injection
CGI Files ≈ Packet Storm Jun 4, 2020 | 19:26 pmCAYIN SMP-xxxx suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP GET parameter in system.cgi and wizard_system.cgi pages.
Read more... -
Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read / Write
CGI Files ≈ Packet Storm Jun 4, 2020 | 16:43 pmSecure Computing SnapGear Management Console SG560 version 3.1.5 suffers from arbitrary file read and write vulnerabilities. The application allows the currently logged-in user to edit the configuration files in the system using the CGI executable edit_config_files in /cgi-bin/cgix/. The files[…]
Read more...
snaplitics made a real revolution in the industry.
Published in: Script Security
-
nfstream 6.2.0
Python Files ≈ Packet Storm Oct 21, 2020 | 15:57 pmnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world[…]
Read more... -
Red Hat Security Advisory 2020-4299-01
Python Files ≈ Packet Storm Oct 21, 2020 | 15:36 pmRed Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as[…]
Read more... -
Red Hat Security Advisory 2020-4273-01
Python Files ≈ Packet Storm Oct 20, 2020 | 20:22 pmRed Hat Security Advisory 2020-4273-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as[…]
Read more... -
Linux / Unix su Privilege Escalation
Python Files ≈ Packet Storm Oct 20, 2020 | 20:13 pmThis Metasploit module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is created via the specified payload. Because su forces passwords to[…]
Read more... -
Red Hat Security Advisory 2020-4285-01
Python Files ≈ Packet Storm Oct 20, 2020 | 19:59 pmRed Hat Security Advisory 2020-4285-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as[…]
Read more... -
ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure
Python Files ≈ Packet Storm Oct 19, 2020 | 15:48 pmReQuest Serious Play F3 Media Server version 7.0.3 suffers from a debug log disclosure vulnerability. An unauthenticated attacker can visit the message_log page and disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments[…]
Read more... -
Ubuntu Security Notice USN-4581-1
Python Files ≈ Packet Storm Oct 14, 2020 | 20:13 pmUbuntu Security Notice 4581-1 - It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
Read more... -
See-SURF 2.0
Python Files ≈ Packet Storm Oct 14, 2020 | 20:05 pmSee-SURF is a python-based scanner to find potential SSRF parameters in a web application.
Read more... -
Red Hat Security Advisory 2020-4254-01
Python Files ≈ Packet Storm Oct 14, 2020 | 16:52 pmRed Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
Read more... -
Red Hat Security Advisory 2020-4255-01
Python Files ≈ Packet Storm Oct 14, 2020 | 16:52 pmRed Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
Read more...
Published in: Script Security