[RT-SA-2020-004] Inconsistent Behavior of Go’s CGI and FastCGI Transport May Lead to Cross-Site Scripting
Posted by RedTeam Pentesting GmbH on Sep 02 | Advisory: Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site...
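The advisory body is not reproduced in this listing. The following is an added example, not code from the advisory or from Go's net/http, net/http/cgi or net/http/fcgi packages. It assumes the issue behind the title is a handler that writes a response without declaring a Content-Type, so that the effective type is chosen by the serving transport: net/http's server sniffs the first bytes of the body, while the CGI and FastCGI children may apply their own default. The example measures what a browser would act on for the same reflected input with and without an explicit type; the handler names, the ?text= parameter and the probe string are constructed for illustration.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// rawEcho reflects the ?text= parameter verbatim and never declares a
// Content-Type. The effective type is then whatever the serving transport
// decides: net/http sniffs the first bytes of the body, and a CGI or FastCGI
// child may apply a different default. (Assumed reading of the advisory
// title; the advisory body is not on this page.)
func rawEcho(w http.ResponseWriter, r *http.Request) {
	io.WriteString(w, r.URL.Query().Get("text"))
}

// typedEcho is the hardened form: it declares a non-HTML type before the
// first write and forbids browser sniffing, so the same reflected input is
// rendered as inert text under every transport.
func typedEcho(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	w.Header().Set("X-Content-Type-Options", "nosniff")
	io.WriteString(w, r.URL.Query().Get("text"))
}

// EffectiveContentType serves one GET to the handler through an
// httptest.ResponseRecorder and returns the Content-Type a browser would act
// on. The recorder, like net/http's server, sniffs a type on the first Write
// when the handler declared none; the fallback covers a handler that wrote
// no body at all (DetectContentType of an empty body is text/plain).
func EffectiveContentType(h http.HandlerFunc, target string) string {
	rec := httptest.NewRecorder()
	h(rec, httptest.NewRequest(http.MethodGet, target, nil))
	if ct := rec.Header().Get("Content-Type"); ct != "" {
		return ct
	}
	return http.DetectContentType(rec.Body.Bytes())
}

func main() {
	// Constructed probe: a reflected value whose body starts with a script tag.
	target := "/echo?text=%3Cscript%3Ealert(1)%3C/script%3E"
	fmt.Println("no declared type:", EffectiveContentType(rawEcho, target))   // text/html; charset=utf-8
	fmt.Println("declared type:   ", EffectiveContentType(typedEcho, target)) // text/plain; charset=utf-8
}
```

The point the probe makes is that body sniffing is not a defence: a reflected value that begins with an HTML tag is sniffed as text/html by Go's own detector, so any transport that sniffs, and any transport that defaults to HTML, renders it as markup. Only the handler can make the type deployment-independent, by setting Content-Type (and X-Content-Type-Options: nosniff) before the first write on every response that carries untrusted data.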
Posted by Sandro Gauci on Sep 01 | Kamailio vulnerable to header smuggling possible due to bypass of remove_hf - Fixed...
Posted by Ryan Delaney on Sep 01 | Exploit Title: Sagemcom router insecure deserialization > privilege escalation; Date: 08-31-2020...
Posted by Balázs Hambalkó on Sep 01 | Hi, Title: Authentication bypass via Improper Session Management; Product: RoundcubeMail; Tested version: 1.4.4 -...
Posted by devsecweb--- via Fulldisclosure on Sep 01 | Vendor: Bagisto (https://bagisto.com/); Affected version: All; Introduction: Bagisto is an open source shop...
Posted by b1nary on Aug 29 | Vulnerability Description: SUPERAntiSpyware Professional X Trial versions prior to 10.0.1206 are vulnerable to local...
Posted by Ostovary, Daniel on Aug 29 | Hi, we have recently discovered a vulnerability in the VSIX Installer of Visual Studio....
Posted by Q C on Aug 29 | Advisory: three vulnerabilities found in MikroTik's RouterOS. Details: Product: MikroTik's RouterOS; Vendor URL:...
Posted by SEC Consult Vulnerability Lab on Aug 27 | SEC Consult Vulnerability Lab Security Advisory < 20200827-0 >; title: Multiple...
Posted by SEC Consult Vulnerability Lab on Aug 27 | SEC Consult Vulnerability Lab Security Advisory < 20200826-0 >; title: Extensive...
Posted by Red Timmy Security on Aug 25 | Hello, in a recent security assessment we have managed to escape out of...
Posted by ghost on Aug 25 | Exploit Title: NEProfile - Host Header Injection; Date: 5/13/2020; Vendor Homepage: https://seczetta.com; Software Link:...
Posted by Benjamin Floyd on Aug 25 | Problem: Most modern Google-based smart devices run some form of Chromecast (and a version...
Posted by hyp3rlinx on Aug 25 | Credits: John Page (aka hyp3rlinx); Website: hyp3rlinx.altervista.org; Source: http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt; twitter.com/hyp3rlinx; ISR: ApparitionSec; www.ericom.com; Ericom Access...
Posted by Open-Xchange GmbH via Fulldisclosure on Aug 21 | Dear subscribers, we're sharing our latest advisory with you and like to...
Posted by Jack Misiura via Fulldisclosure on Aug 21 | Title: Payment bypass; Product: WordPress NAB Transact WooCommerce Plugin; Vendor Homepage: https://woocommerce.com/products/nab-transact-direct-post/...
Posted by psy on Aug 17 | Hi Community, I am glad to present a new release of this tool: - https://ufonet.03c8.net...
Posted by Q C on Aug 14 | Advisory: two vulnerabilities found in MikroTik's RouterOS. Details: Product: MikroTik's RouterOS; Vendor URL:...
Posted by Pietro Oliva via Fulldisclosure on Aug 11 | Vulnerability title: Avian JVM vm::arrayCopy() silent return on negative length; Author: Pietro...
Posted by Pietro Oliva via Fulldisclosure on Aug 11 | Vulnerability title: Avian JVM vm::arrayCopy() Multiple Integer Overflows; Author: Pietro Oliva; CVE:...
Posted by Egidio Romano on Aug 11 | SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability; Software Link: https://www.sugarcrm.com; Affected Versions:...