Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!
Sie können durch Schliessen dieses Fensters natürlich mit AdBlocker weitermachen - wenn Sie mit dieser Schuld leben können .... es liegt an Ihnen - AdBlocker abschalten und ruhig schlafen können oder mit AdBlocker weitermachen und von übelsten Albträumen gequält werden!
Wir haben Sie gewarnt ....
Search - Review
plg_search_jdownloads
Search - K2
Suche - Kategorien
Suche - Kontakte
Suche - Inhalt
Suche - Newsfeeds
Suche - Schlagwörter
Script Security (4)
Im Sinne der Aktualität sind diese News grösstenteils in englischer Sprache. Falls nötig, bitte die Übersetzungsfunktion verwenden.
-
Red Hat Security Advisory 2019-4201-01
Ruby Files ≈ Packet Storm Dec 13, 2019 | 02:28 amRed Hat Security Advisory 2019-4201-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Ubuntu Security Notice USN-4201-1
Ruby Files ≈ Packet Storm Nov 26, 2019 | 18:23 pmUbuntu Security Notice 4201-1 - It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. It was discovered that Ruby incorrectly handled certain[…]
Read more... -
Red Hat Security Advisory 2019-2806-01
Ruby Files ≈ Packet Storm Sep 19, 2019 | 18:27 pmRed Hat Security Advisory 2019-2806-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
Read more... -
Red Hat Security Advisory 2019-2587-01
Ruby Files ≈ Packet Storm Sep 5, 2019 | 16:07 pmRed Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2019-2565-01
Ruby Files ≈ Packet Storm Aug 27, 2019 | 15:30 pmRed Hat Security Advisory 2019-2565-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. An OpenSSL issue was addressed where an X509 name equality check did not[…]
Read more... -
Red Hat Security Advisory 2019-2466-01
Ruby Files ≈ Packet Storm Aug 13, 2019 | 16:33 pmRed Hat Security Advisory 2019-2466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2019-2028-01
Ruby Files ≈ Packet Storm Aug 6, 2019 | 22:58 pmRed Hat Security Advisory 2019-2028-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and[…]
Read more... -
Red Hat Security Advisory 2019-1972-01
Ruby Files ≈ Packet Storm Jul 30, 2019 | 20:55 pmRed Hat Security Advisory 2019-1972-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
Read more... -
Red Hat Security Advisory 2019-1948-01
Ruby Files ≈ Packet Storm Jul 30, 2019 | 20:14 pmRed Hat Security Advisory 2019-1948-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A name equality check issue was addressed.
Read more... -
Red Hat Security Advisory 2019-1833-01
Ruby Files ≈ Packet Storm Jul 24, 2019 | 16:44 pmRed Hat Security Advisory 2019-1833-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more...
Published in: Script Security
-
YouPHPTube 7.7 SQL Injection
PHP Files ≈ Packet Storm Dec 5, 2019 | 00:34 amYouPHPTube versions 7.7 and below suffer from a remote SQL injection vulnerability in getChat.json.php.
Read more... -
WordPress Plainview Activity Monitor 20161228 Remote Command Execution
PHP Files ≈ Packet Storm Nov 29, 2019 | 17:50 pmWordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activities_overview.php. Privileges are required in order to[…]
Read more... -
Debian Security Advisory 4576-1
PHP Files ≈ Packet Storm Nov 26, 2019 | 18:21 pmDebian Linux Security Advisory 4576-1 - An out-of-bounds write vulnerability was discovered in php-imagick, a PHP extension to create and modify images using the ImageMagick API, which could result in denial of service, or potentially the execution of arbitrary code.
Read more... -
Remote File Inclusion / Local File Inclusion Attack And Defense Techniques
PHP Files ≈ Packet Storm Nov 24, 2019 | 21:48 pmWhitepaper called Remote File Inclusion / Local File Inclusion Attack and Defense Techniques. This paper focuses on PHP-based attacks.
Read more... -
Debian Security Advisory 4573-1
PHP Files ≈ Packet Storm Nov 19, 2019 | 16:26 pmDebian Linux Security Advisory 4573-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization.
Read more... -
FusionPBX Operator Panel exec.php Command Execution
PHP Files ≈ Packet Storm Nov 14, 2019 | 17:09 pmThis Metasploit module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operator_panel_view permissions, or administrator permissions, to execute arbitrary commands as the web server user by[…]
Read more... -
FusionPBX Command exec.php Command Execution
PHP Files ≈ Packet Storm Nov 14, 2019 | 17:08 pmThis Metasploit module uses administrative functionality available in FusionPBX to gain a shell. The Command section of the application permits users with exec_view permissions, or superadmin permissions, to execute arbitrary system commands, or arbitrary PHP code, as the web server[…]
Read more... -
CMS Made Simple 2.2.8 Remote Code Execution
PHP Files ≈ Packet Storm Nov 13, 2019 | 18:28 pmAn issue was discovered in CMS Made Simple version 2.2.8. In the module DesignManager (in the files action.admin_bulk_css.php and action.admin_bulk_template.php), with an unprivileged user with Designer permission, it is possible to reach an unserialize call with a crafted value in[…]
Read more... -
Linear eMerge E3 1.00-06 card_scan_decoder.php Command Injection
PHP Files ≈ Packet Storm Nov 12, 2019 | 18:13 pmLinear eMerge E3 versions 1.00-06 and below unauthenticated command injection remote root exploit that leverages card_scan_decoder.php.
Read more... -
Linear eMerge E3 1.00-06 card_scan.php Command Injection
PHP Files ≈ Packet Storm Nov 12, 2019 | 18:11 pmLinear eMerge E3 versions 1.00-06 and below unauthenticated command injection remote root exploit that leverages card_scan.php.
Read more...
Published in: Script Security
-
Rifatron Intelligent Digital Security System (animate.cgi) Stream Disclosure
CGI Files ≈ Packet Storm Sep 10, 2019 | 01:46 amThe Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.
Read more... -
Debian Security Advisory 4507-1
CGI Files ≈ Packet Storm Aug 26, 2019 | 17:54 pmDebian Linux Security Advisory 4507-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform[…]
Read more... -
Ubuntu Security Notice USN-4059-1
CGI Files ≈ Packet Storm Jul 16, 2019 | 22:09 pmUbuntu Security Notice 4059-1 - It was discovered that Squid incorrectly handled certain SNMP packets. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS[…]
Read more... -
ABB IDAL HTTP Server Authentication Bypass
CGI Files ≈ Packet Storm Jun 21, 2019 | 22:32 pmThe IDAL HTTP server CGI interface contains a URL, which allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. In the IDAL CGI interface, there is a URL (/cgi/loginDefaultUser), which will create a session in an[…]
Read more... -
Telus Actiontec WEB6000Q Denial Of Service
CGI Files ≈ Packet Storm Jun 12, 2019 | 20:44 pmTelus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a denial of service vulnerability. By querying CGI endpoints with empty (GET/POST/HEAD) requests causes a Segmentation Fault of the uhttpd webserver. Since there is no watchdog on this daemon, a device reboot[…]
Read more... -
RICOH SP 4520DN Printer HTML Injection
CGI Files ≈ Packet Storm May 9, 2019 | 20:22 pmAn HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter.
Read more... -
RICOH SP 4510DN Printer HTML Injection
CGI Files ≈ Packet Storm May 9, 2019 | 16:55 pmAn HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
Read more... -
Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure
CGI Files ≈ Packet Storm Apr 27, 2019 | 19:20 pmAn exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can[…]
Read more... -
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment
CGI Files ≈ Packet Storm Apr 27, 2019 | 01:55 amAn exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a arbitrary setting writes, resulting in the unverified changes to any system setting. An attacker[…]
Read more... -
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure
CGI Files ≈ Packet Storm Apr 27, 2019 | 01:44 amAn exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to,[…]
Read more...
snaplitics made a real revolution in the industry.
Published in: Script Security
-
Red Hat Security Advisory 2019-4062-01
Python Files ≈ Packet Storm Dec 3, 2019 | 14:01 pmRed Hat Security Advisory 2019-4062-01 - The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage[…]
Read more... -
Red Hat Security Advisory 2019-3964-01
Python Files ≈ Packet Storm Nov 26, 2019 | 18:21 pmRed Hat Security Advisory 2019-3964-01 - The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage[…]
Read more... -
Red Hat Security Advisory 2019-3948-01
Python Files ≈ Packet Storm Nov 25, 2019 | 19:32 pmRed Hat Security Advisory 2019-3948-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as[…]
Read more... -
Ubuntu Security Notice USN-4196-1
Python Files ≈ Packet Storm Nov 18, 2019 | 16:30 pmUbuntu Security Notice 4196-1 - It was discovered that python-ecdsa incorrectly handled certain signatures. A remote attacker could possibly use this issue to cause python-ecdsa to generate unexpected exceptions, resulting in a denial of service. It was discovered that python-ecdsa[…]
Read more... -
YAML Deserialization Attack In Python
Python Files ≈ Packet Storm Nov 13, 2019 | 18:12 pmWhitepaper called YAML Deserialization Attack in Python.
Read more... -
Prima Access Control 2.3.35 Script Upload Remote Code Execution
Python Files ≈ Packet Storm Nov 12, 2019 | 19:53 pmPrima Access Control version 2.3.35 authenticated python script upload remote root code execution exploit.
Read more... -
Red Hat Security Advisory 2019-3725-01
Python Files ≈ Packet Storm Nov 6, 2019 | 17:00 pmRed Hat Security Advisory 2019-3725-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as[…]
Read more... -
Red Hat Security Advisory 2019-3698-01
Python Files ≈ Packet Storm Nov 6, 2019 | 16:57 pmRed Hat Security Advisory 2019-3698-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such[…]
Read more... -
Red Hat Security Advisory 2019-3704-01
Python Files ≈ Packet Storm Nov 6, 2019 | 16:56 pmRed Hat Security Advisory 2019-3704-01 - The numpy packages provide NumPY. NumPY is an extension to the Python programming language, which adds support for large, multi-dimensional arrays and matrices, and a library of mathematical functions that operate on such arrays.[…]
Read more... -
Red Hat Security Advisory 2019-3590-01
Python Files ≈ Packet Storm Nov 6, 2019 | 16:49 pmRed Hat Security Advisory 2019-3590-01 - The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. A CRLF injection issue was addressed.
Read more...
Published in: Script Security
