Search the Community
Showing results for tags 'header'.
-
Hi, all I'v been posting on newsgroups/usenet and trying to figure out how to query the X-Ufhash NNTP header that returns a long encrypted string to get meaningfull info X-Ufhash : ZaQJEMf5JdvcWEOleKoXo4ljK0hv5rauvinj9qfPFH9gkEPA9vOw7Jqtkzj1SWuX6Q8ZeGvPfoGqFZipnXALeUtU8QLJQ513NMFAEVrNG2z3xZ48ksSy%2BKsEFCn6UJps8tZrNOrMiMKF%2FNofAzkyepiHCjV5CTN9PZ%2BV54b86ugEh9hPoGwPMgxFJJ8naz5uHr%2BHog6zUm4qfvxfrhgiuz17g%2BMO07eqsGuJ is there some kind of way to decode ? any ideas ? thank's in advance
-
GoAhead version 2.5.0 suffers from a host header injection vulnerability. View the full article
-
YzmCMS version 5.3 suffers from a host header injection vulnerability. View the full article
-
Cisco IronPort C350 remote host header injection exploit. View the full article
-
Cisco IronPort C150 suffers from a remote host header injection vulnerability. View the full article
-
Exploits Apache Tika 1.17 Header Command Injection
1337day-Exploits posted a topic in Updated Exploits
This Metasploit module exploits a command injection vulnerability in Apache Tika versions 1.15 through 1.17 on Windows. A file with the image/jp2 content-type is used to bypass magic byte checking. When OCR is specified in the request, parameters can be passed to change the parameters passed at command line to allow for arbitrary JScript to execute. A JScript stub is passed to execute arbitrary code. This module was verified against version 1.15 through 1.17 on Windows 2012. While the CVE and finding show more versions vulnerable, during testing it was determined only versions greater than 1.14 were exploitable due to jp2 support being added. View the full article