Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!
Sie können durch Schliessen dieses Fensters natürlich mit AdBlocker weitermachen - wenn Sie mit dieser Schuld leben können .... es liegt an Ihnen - AdBlocker abschalten und ruhig schlafen können oder mit AdBlocker weitermachen und von übelsten Albträumen gequält werden!
Wir haben Sie gewarnt ....
Search - Review
plg_search_jdownloads
Search - K2
Suche - Kategorien
Suche - Kontakte
Suche - Inhalt
Suche - Newsfeeds
Suche - Schlagwörter
Script Security (4)
Im Sinne der Aktualität sind diese News grösstenteils in englischer Sprache. Falls nötig, bitte die Übersetzungsfunktion verwenden.
-
Red Hat Security Advisory 2020-2288-01
Ruby Files ≈ Packet Storm May 26, 2020 | 14:42 pmRed Hat Security Advisory 2020-2288-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
Read more... -
Red Hat Security Advisory 2020-2212-01
Ruby Files ≈ Packet Storm May 19, 2020 | 14:55 pmRed Hat Security Advisory 2020-2212-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
Read more... -
Red Hat Security Advisory 2020-1963-01
Ruby Files ≈ Packet Storm Apr 29, 2020 | 16:04 pmRed Hat Security Advisory 2020-1963-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and buffer under-read vulnerabilities.
Read more... -
Gentoo Linux Security Advisory 202003-09
Ruby Files ≈ Packet Storm Mar 14, 2020 | 17:08 pmGentoo Linux Security Advisory 202003-9 - A vulnerability in OpenID library for Ruby at worst might allow an attacker to bypass authentication. Versions less than 2.9.2 are affected.
Read more... -
Gentoo Linux Security Advisory 202003-06
Ruby Files ≈ Packet Storm Mar 13, 2020 | 14:58 pmGentoo Linux Security Advisory 202003-6 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.4.9:2.4 are affected.
Read more... -
Red Hat Security Advisory 2020-0663-01
Ruby Files ≈ Packet Storm Mar 3, 2020 | 16:33 pmRed Hat Security Advisory 2020-0663-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and[…]
Read more... -
Red Hat Security Advisory 2020-0591-01
Ruby Files ≈ Packet Storm Feb 25, 2020 | 15:23 pmRed Hat Security Advisory 2020-0591-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and[…]
Read more... -
Red Hat Security Advisory 2020-0589-01
Ruby Files ≈ Packet Storm Feb 25, 2020 | 15:18 pmRed Hat Security Advisory 2020-0589-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2020-0588-01
Ruby Files ≈ Packet Storm Feb 25, 2020 | 15:17 pmRed Hat Security Advisory 2020-0588-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2020-0542-01
Ruby Files ≈ Packet Storm Feb 18, 2020 | 15:07 pmRed Hat Security Advisory 2020-0542-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and[…]
Read more...
Published in: Script Security
-
WordPress Drag And Drop Multi File Uploader Remote Code Execution
PHP Files ≈ Packet Storm Jun 4, 2020 | 19:40 pmThis Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form 7 for versions prior to 1.3.4. The allowed file extension list can be bypassed by appending a %, allowing for php shells[…]
Read more... -
NeonLMS Learning Management System PHP Laravel Script 4.6 XSS
PHP Files ≈ Packet Storm Jun 4, 2020 | 18:56 pmNeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from a persistent cross site scripting vulnerability.
Read more... -
NeonLMS Learning Management System PHP Laravel Script 4.6 File Download
PHP Files ≈ Packet Storm Jun 4, 2020 | 18:55 pmNeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from an arbitrary file download vulnerability.
Read more... -
Sabberworm PHP CSS Code Injection
PHP Files ≈ Packet Storm Jun 3, 2020 | 16:05 pmSabberworm PHP CSS parser suffers from a code injection vulnerability. Many versions are affected.
Read more... -
Ubuntu Security Notice USN-4375-1
PHP Files ≈ Packet Storm May 27, 2020 | 23:33 pmUbuntu Security Notice 4375-1 - It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
Read more... -
Kuicms PHP EE 2.0 Cross Site Scripting
PHP Files ≈ Packet Storm May 27, 2020 | 17:02 pmKuicms PHP EE version 2.0 suffers from a persistent cross site scripting vulnerability.
Read more... -
PHP-Fusion 9.03.50 Cross Site Scripting
PHP Files ≈ Packet Storm May 20, 2020 | 23:01 pmPHP-Fusion version 9.03.50 has been found susceptible to additional methods of persistent cross site scripting. Initial findings in this version were discovered by SunCSR.
Read more... -
PHP-Fusion 9.03.50 SQL Injection
PHP Files ≈ Packet Storm May 19, 2020 | 14:42 pmPHP-Fusion version 9.03.50 suffers from a remote SQL injection vulnerability.
Read more... -
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
PHP Files ≈ Packet Storm May 18, 2020 | 16:50 pmThis Metasploit module exploits a command execution in Pi-Hole versions 4.4 and below. A new blocklist is added, and then an update is forced (gravity) to pull in the blocklist content. PHP content is then written to a file within[…]
Read more... -
Netsweeper WebAdmin unixlogin.php Python Code Injection
PHP Files ≈ Packet Storm May 12, 2020 | 20:18 pmThis Metasploit module exploits a Python code injection in the Netsweeper WebAdmin component's unixlogin.php script, for versions 6.4.4 and prior, to execute code as the root user. Authentication is bypassed by sending a random whitelisted Referer header in each request.[…]
Read more...
Published in: Script Security
-
Cayin Content Management Server 11.0 Root Remote Command Injection
CGI Files ≈ Packet Storm Jun 4, 2020 | 19:29 pmCAYIN CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP POST parameter in system.cgi page.
Read more... -
Cayin Signage Media Player 3.0 Root Remote Command Injection
CGI Files ≈ Packet Storm Jun 4, 2020 | 19:26 pmCAYIN SMP-xxxx suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP GET parameter in system.cgi and wizard_system.cgi pages.
Read more... -
Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read / Write
CGI Files ≈ Packet Storm Jun 4, 2020 | 16:43 pmSecure Computing SnapGear Management Console SG560 version 3.1.5 suffers from arbitrary file read and write vulnerabilities. The application allows the currently logged-in user to edit the configuration files in the system using the CGI executable edit_config_files in /cgi-bin/cgix/. The files[…]
Read more... -
Synology DiskStation Manager smart.cgi Remote Command Execution
CGI Files ≈ Packet Storm May 22, 2020 | 19:03 pmThis Metasploit module exploits a vulnerability found in Synology DiskStation Manager (DSM) versions prior to 5.2-5967-5, which allows the execution of arbitrary commands under root privileges after website authentication. The vulnerability is located in webman/modules/StorageManager/smart.cgi, which allows appending of a[…]
Read more... -
Ubuntu Security Notice USN-4356-1
CGI Files ≈ Packet Storm May 13, 2020 | 14:26 pmUbuntu Security Notice 4356-1 - Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. It was discovered that Squid[…]
Read more... -
Zen Load Balancer 3.10.1 Directory Traversal
CGI Files ≈ Packet Storm Apr 23, 2020 | 19:32 pmThis Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter which allows a malicious actor to load arbitrary file path.
Read more... -
D-Link DIR-859 Unauthenticated Remote Command Execution
CGI Files ≈ Packet Storm Jan 22, 2020 | 16:26 pmD-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.
Read more... -
Barco WePresent file_transfer.cgi Command Injection
CGI Files ≈ Packet Storm Jan 14, 2020 | 16:16 pmThis Metasploit module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the file_transfer.cgi endpoint.
Read more... -
Rifatron Intelligent Digital Security System (animate.cgi) Stream Disclosure
CGI Files ≈ Packet Storm Sep 9, 2019 | 23:46 pmThe Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.
Read more... -
Debian Security Advisory 4507-1
CGI Files ≈ Packet Storm Aug 26, 2019 | 15:54 pmDebian Linux Security Advisory 4507-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform[…]
Read more...
snaplitics made a real revolution in the industry.
Published in: Script Security
-
nfstream 5.1.5
Python Files ≈ Packet Storm May 26, 2020 | 14:53 pmnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world[…]
Read more... -
nfstream 5.1.3
Python Files ≈ Packet Storm May 22, 2020 | 14:44 pmnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world[…]
Read more... -
nfstream 5.1.2
Python Files ≈ Packet Storm May 19, 2020 | 14:44 pmnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world[…]
Read more... -
nfstream 5.1.1
Python Files ≈ Packet Storm May 18, 2020 | 16:48 pmnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world[…]
Read more... -
Gentoo Linux Security Advisory 202005-09
Python Files ≈ Packet Storm May 15, 2020 | 14:52 pmGentoo Linux Security Advisory 202005-9 - A vulnerability in Python could lead to a Denial of Service condition. Versions less than 2.7.18:2.7 are affected.
Read more... -
Netsweeper WebAdmin unixlogin.php Python Code Injection
Python Files ≈ Packet Storm May 12, 2020 | 20:18 pmThis Metasploit module exploits a Python code injection in the Netsweeper WebAdmin component's unixlogin.php script, for versions 6.4.4 and prior, to execute code as the root user. Authentication is bypassed by sending a random whitelisted Referer header in each request.[…]
Read more... -
Red Hat Security Advisory 2020-2081-01
Python Files ≈ Packet Storm May 12, 2020 | 20:13 pmRed Hat Security Advisory 2020-2081-01 - The virtualenv tool creates isolated Python environments. The virtualenv tool is a successor to workingenv, and an extension of virtual-python. Issues addressed include crlf injection and cross-host redirect vulnerabilities.
Read more... -
Red Hat Security Advisory 2020-2068-01
Python Files ≈ Packet Storm May 12, 2020 | 20:11 pmRed Hat Security Advisory 2020-2068-01 - pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index. pip is a recursive acronym that can stand[…]
Read more... -
nfstream 5.1.0
Python Files ≈ Packet Storm May 8, 2020 | 20:09 pmnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world[…]
Read more... -
sshprank 1.1.1
Python Files ≈ Packet Storm May 4, 2020 | 17:17 pmsshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules.
Read more...
Published in: Script Security