Пропускане към основното съдържание

CVE-2020-2555

Description

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.17, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. The easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in a takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).







Коментари

Popular Posts

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "192.168.1.44/DVWA/login.php" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1

CVE-2022-21907

Exploiting after error checking. NOTE: Especially for the curious people!

Facebook structure_intentional uncertainty

+ Server: No banner retrieved + X-XSS-Protection header has been set to disable XSS Protection. There is unlikely to be a good reason for this. + Uncommon header 'x-fb-debug' found, with contents: SA17Z/1jGOMUff7U39k20M0c/6sSZAD/Jvv00FPyIR603jOZAx91mrwQ5WVjhkAOm0FI683ditjc0KXc2o+5DQ== + Entry '/album.php' in robots.txt returned a non-forbidden or redirect HTTP code (200) + Entry '/checkpoint/' in robots.txt returned a non-forbidden or redirect HTTP code (302) + Entry '/contact_importer/' in robots.txt returned a non-forbidden or redirect HTTP code (200) + Entry '/file_download.php' in robots.txt returned a non-forbidden or redirect HTTP code (200) + Entry '/live/' in robots.txt returned a non-forbidden or redirect HTTP code (302) + Entry '/moments_app/' in robots.txt returned a non-forbidden or redirect HTTP code (302) + Entry '/p.php' in robots.txt returned a non-forbidden or redi