-
SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities
-
[-] Software Link:
http://www.sugarcrm.com/
[-] Affected Versions:
Version 6.5.18 CE and prior versions.
[-]
--
SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities
--
[-] Software Link:
http://www.sugarcrm.com/
[-] Affected Versions:
Version 6.5.18 CE and prior
-
SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability
-
[-] Software Link:
http://www.sugarcrm.com/
[-] Affected
--
SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability
--
[-] Software Link:
http://www.sugarcrm.com/
[-] Affected
SEC Consult Vulnerability Lab Security Advisory < 20160624-0 >
===
title: XSS and information disclosure vulnerability
product: ASUS DSL-N55U router
vulnerable version: 3.0.0.4.376_2736
TIMELINE
rootredrain submitted a report to Ruby.
Jun 22nd
Hi,
I would like to report an HTTP header injection vulnerability in
'net/http' that allows attackers to inject arbitrary headers in a
request and even create a new evil request.
PoC
require 'net/http'
http =