what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 913 RSS Feed

JavaScript Files

Ubuntu Security Notice USN-7113-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7113-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-44244
SHA-256 | dd5f06682ca93a1fe2093e0af57570ec9766114fd67a9256775ecb3b152853a5
Pyload Remote Code Execution
Posted Nov 18, 2024
Authored by Spencer McIntyre, jheysel-r7 | Site metasploit.com

CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. At the time of this writing no patch has been released and version 0.74 is the latest version of js2py which was released Nov 6, 2022. CVE-2024-39205 is a remote code execution vulnerability in Pyload versions 0.5.0b3.dev85 and below. It is an open-source download manager designed to automate file downloads from various online sources. Pyload is vulnerable because it exposes the vulnerable js2py functionality mentioned above on the /flash/addcrypted2 API endpoint. This endpoint was designed to only accept connections from localhost but by manipulating the HOST header we can bypass this restriction in order to access the API to achieve unauthenticated remote code execution.

tags | exploit, remote, arbitrary, javascript, code execution, python
advisories | CVE-2024-28397, CVE-2024-39205
SHA-256 | 80427d657de061fee48a9f5adbb6c131d9fca4ddd53f67cf67ca1b3ed439fddd
Ubuntu Security Notice USN-7079-1
Posted Oct 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7079-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-40866
SHA-256 | 6a7758c0aafb7862f063dd5f40ab40a50c428f0d89914869aa92bd6418d440ef
Ubuntu Security Notice USN-7061-1
Posted Oct 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7061-1 - Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template.

tags | advisory, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2023-24531, CVE-2023-24538, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-39319, CVE-2023-39325, CVE-2024-24785
SHA-256 | 366aa6bc269ca28c4b992ad13527bd77d7968a9ad5dcd84915ed51954acbe4c1
Ubuntu Security Notice USN-7056-1
Posted Oct 7, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7056-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Masato Kinugawa discovered that Firefox did not properly validate javascript under the "resource://pdf.js" origin. An attacker could potentially exploit this issue to execute arbitrary javascript code and access cross-origin PDF content.

tags | advisory, denial of service, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9396, CVE-2024-9397, CVE-2024-9401, CVE-2024-9402
SHA-256 | 80c7f4192680b4c2101a2c6f637255686ae8913ec48a9a8254011849671e40e0
Ubuntu Security Notice USN-6996-1
Posted Sep 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6996-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-40776, CVE-2024-40789
SHA-256 | 495c021cebaed12775fb7591f330431d792303b4c0b48774c767ece1790af9e8
Arris / Motorola Surfboard SBG6580 Web Interface Takeover
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

The web interface for the Arris / Motorola Surfboard SBG6580 has several vulnerabilities that, when combined, allow an arbitrary website to take control of the modem, even if the user is not currently logged in. The attacker must successfully know, or guess, the targets internal gateway IP address. This is usually a default value of 192.168.0.1. First, a hardcoded backdoor account was discovered in the source code of one device with the credentials "technician/yZgO8Bvj". Due to lack of CSRF in the devices login form, these credentials - along with the default "admin/motorola" - can be sent to the device by an arbitrary website, thus inadvertently logging the user into the router. Once successfully logged in, a persistent XSS vulnerability is exploited in the firewall configuration page. This allows injection of Javascript that can perform any available action in the router interface. The following firmware versions have been tested as vulnerable: SBG6580-6.5.2.0-GA-06-077-NOSH, and SBG6580-8.6.1.0-GA-04-098-NOSH.

tags | exploit, web, arbitrary, javascript, vulnerability
advisories | CVE-2015-0964, CVE-2015-0965, CVE-2015-0966
SHA-256 | f36f6d7417c70559d7f7d74186bcb494b198d249ab5558cf585da7c3bd0f23a1
Mac OS X Safari file:// Redirection Sandbox Escape
Posted Aug 31, 2024
Authored by joev | Site metasploit.com

Versions of Safari before 8.0.6, 7.1.6, and 6.2.6 are vulnerable to a "state management issue" that allows a browser window to be navigated to a file:// URL. By dropping and loading a malicious .webarchive file, an attacker can read arbitrary files, inject cross-domain Javascript, and silently install Safari extensions.

tags | exploit, arbitrary, javascript
advisories | CVE-2015-1155
SHA-256 | ec1e4e18a1e9d055c3ab49c1e568cfd98484e3ffe54d3a28caba066e8099b47f
C2S DVR Management Password Disclosure
Posted Aug 31, 2024
Authored by h00die, Yakir Wizman | Site metasploit.com

C2S DVR allows an unauthenticated user to disclose the username and password by requesting the javascript page read.cgi?page=2. This may also work on some cameras including IRDOME-II-C2S, IRBOX-II-C2S.

tags | exploit, cgi, javascript
SHA-256 | f14eb376c1dcefd1b99e4b5370da22899ba91385ab2b1509b470c463d912db0f
Firefox PDF.js Browser File Theft
Posted Aug 31, 2024
Authored by temp66, fukusa | Site metasploit.com

This Metasploit module abuses an XSS vulnerability in versions prior to Firefox 39.0.3, Firefox ESR 38.1.1, and Firefox OS 2.2 that allows arbitrary files to be stolen. The vulnerability occurs in the PDF.js component, which uses Javascript to render a PDF inside a frame with privileges to read local files. The in-the-wild malicious payloads searched for sensitive files on Windows, Linux, and OSX. Android versions are reported to be unaffected, as they do not use the Mozilla PDF viewer.

tags | exploit, arbitrary, local, javascript
systems | linux, windows, apple
advisories | CVE-2015-4495
SHA-256 | 51c57f3920e9435bf62bbd93f1635f5a4935408c0f9db23d25b25d8babebaaee
MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection
Posted Aug 31, 2024
Authored by sinn3r, joev, David Leo, filedescriptor | Site metasploit.com

This Metasploit module exploits a universal cross-site scripting (UXSS) vulnerability found in Internet Explorer 10 and 11. By default, you will steal the cookie from TARGET_URI (which cannot have X-Frame-Options or it will fail). You can also have your own custom JavaScript by setting the CUSTOMJS option. Lastly, you might need to configure the URIHOST option if you are behind NAT.

tags | exploit, javascript, xss
advisories | CVE-2015-0072
SHA-256 | 37a50587dbae737c3c34aae3bf793f8dca961d0813adb06f366e89505427010a
Android Open Source Platform (AOSP) Browser UXSS
Posted Aug 31, 2024
Authored by Rafay Baloch, joev | Site metasploit.com

This Metasploit module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Androids open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. If your target URLs use X-Frame-Options, you can enable the "BYPASS_XFO" option, which will cause a popup window to be used. This requires a click from the user and is much less stealthy, but is generally harmless-looking. By supplying a CUSTOM_JS parameter and ensuring CLOSE_POPUP is set to false, this module also allows running arbitrary javascript in the context of the targeted URL. Some sample UXSS scripts are provided in data/exploits/uxss.

tags | exploit, arbitrary, javascript, xss
advisories | CVE-2014-6041
SHA-256 | c310932b590c18e1c4846f4e90d57edda5909db4103dc3c5954aec52431efc71
JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure
Posted Aug 31, 2024
Authored by h00die, Yakir Wizman | Site metasploit.com

SIEMENS IP-Camera (CVMS2025-IR + CCMS2025), JVC IP-Camera (VN-T216VPRU), and Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR) allow an unauthenticated user to disclose the username and password by requesting the javascript page readfile.cgi?query=ADMINID. Siemens firmwares affected: x.2.2.1798, CxMS2025_V2458_SP1, x.2.2.1798, x.2.2.1235.

tags | exploit, cgi, javascript
SHA-256 | 75f290c73dd9cc43a56aaf952cb417b04741e27f28826be5a9ebfc52ebd9c6c9
Mac OS X Safari .webarchive File Format UXSS
Posted Aug 31, 2024
Authored by joev | Site metasploit.com

Generates a .webarchive file for Mac OS X Safari that will attempt to inject cross-domain Javascript (UXSS), silently install a browser extension, collect user information, steal the cookie database, and steal arbitrary local files. When opened on the target machine the webarchive file must not have the quarantine attribute set, as this forces the webarchive to execute in a sandbox.

tags | exploit, arbitrary, local, javascript
systems | apple, osx
SHA-256 | 111b8b484280c1043940976e5d33858cc2c48891b75d23d8260fce63f84a668f
Ubuntu Security Notice USN-6969-1
Posted Aug 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6969-1 - It was discovered that Cacti did not properly apply checks to the "Package Import" feature. An attacker could possibly use this issue to perform arbitrary code execution. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. It was discovered that Cacti did not properly sanitize values when using javascript based API. A remote attacker could possibly use this issue to inject arbitrary javascript code resulting into cross-site scripting vulnerability. This issue only affected Ubuntu 24.04 LTS.

tags | advisory, remote, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-25641, CVE-2024-29894, CVE-2024-31443, CVE-2024-31444, CVE-2024-31445, CVE-2024-31458, CVE-2024-31459, CVE-2024-31460, CVE-2024-34340, CVE-2024-34360
SHA-256 | 569974f66e44cbbc04571591151988d6a9b0642234fd900881b7bd97af4003b0
Ewon Cosy+ Improper Neutralization / Cross Site Scripting
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. If login against the FTP service of the Cosy+ fails, the submitted username is saved in a log. This log is included in the Cosy+ web interface without neutralizing the content. As a result, an unauthenticated attacker is able to inject HTML/JavaScript code via the username of an FTP login attempt.

tags | exploit, remote, web, javascript
advisories | CVE-2024-33893
SHA-256 | 2db40156b7623d221c6a2ba726715a466f4672d315691354c619b685d3367967
Ubuntu Security Notice USN-6963-1
Posted Aug 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6963-1 - It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks.

tags | advisory, remote, web, arbitrary, shell, javascript
systems | linux, ubuntu
advisories | CVE-2024-36472
SHA-256 | 3cae09853348edef16718240a08f0dae3c90185f9ca6feaec73a9afdc7a5c07f
Luvion Grand Elite 3 Connect Credential Disclosure
Posted Jul 30, 2024
Authored by Willem Westerhof, Jasper Nota, Jim Blankendaal, Martijn Baalman

An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Clients can authenticate themselves to the device using a username and password. These credentials can be obtained through an unauthenticated web request, e.g., for a JavaScript file. Also, the disclosed information includes the SSID and WPA2 key for the Wi-Fi network the device is connected to.

tags | advisory, web, javascript, info disclosure
advisories | CVE-2020-11926
SHA-256 | c1840a21faea62a36c6bc7e40c57e0e5b17eba2135cb46888a2b4014361ad916
Ubuntu Security Notice USN-6848-1
Posted Jun 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6848-1 - Matthieu Faou and Denys Klymenko discovered that Roundcube incorrectly handled certain SVG images. A remote attacker could possibly use this issue to load arbitrary JavaScript code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. Rene Rehme discovered that Roundcube incorrectly handled certain headers. A remote attacker could possibly use this issue to load arbitrary JavaScript code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10.

tags | advisory, remote, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2023-47272, CVE-2023-5631, CVE-2024-37383, CVE-2024-37384
SHA-256 | 6806c53c3241b7542421db1f1d4222c2a53699435aca3668ff2429b7404c20a5
VSCode ipynb Remote Code Execution
Posted Jun 11, 2024
Authored by h00die, Zemnmez | Site metasploit.com

VSCode when opening a Jupyter notebook (.ipynb) file bypasses the trust model. On versions v1.4.0 through v1.71.1, its possible for the Jupyter notebook to embed HTML and javascript, which can then open new terminal windows within VSCode. Each of these new windows can then execute arbitrary code at startup. During testing, the first open of the Jupyter notebook resulted in pop-ups displaying errors of unable to find the payload exe file. The second attempt at opening the Jupyter notebook would result in successful execution. Successfully tested against VSCode 1.70.2 on Windows 10.

tags | exploit, arbitrary, javascript
systems | windows
advisories | CVE-2022-41034
SHA-256 | dfacdfad1b8092f162656aa7bc4778fc74536b788b7075dfea96dafa5efb29f3
Ubuntu Security Notice USN-6779-2
Posted May 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6779-2 - USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-4367, CVE-2024-4764, CVE-2024-4768, CVE-2024-4770, CVE-2024-4774
SHA-256 | 04753870be2f86ad507c1b333e07383bc770d2d1eff3370507f9073d2cd6e5b7
Ubuntu Security Notice USN-6788-1
Posted May 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-27834
SHA-256 | 2ba9114499615625ceec3aef13282d48432167a8d10e47afc3ee65f19e05d3e3
Ubuntu Security Notice USN-6782-1
Posted May 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6782-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Thomas Rinsma discovered that Thunderbird did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js.

tags | advisory, denial of service, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2024-4367, CVE-2024-4769, CVE-2024-4770, CVE-2024-4777
SHA-256 | 0f0a71c347b975f78289e67052bdd319bc9db3306585631d3361530ff7c998bf
Ubuntu Security Notice USN-6732-1
Posted Apr 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2023-42843, CVE-2024-23254
SHA-256 | de34dd341ebb6d403b4c828166ceeda34879902207f833c29fa8ffd18d7ee2ad
Debian Security Advisory 5645-1
Posted Mar 25, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5645-1 - Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.

tags | advisory, web, arbitrary, javascript
systems | linux, debian
advisories | CVE-2024-29944
SHA-256 | 4f5d9a853e227dab14b126ce8536d5e0bccc071fc1e3eea740c201c1d75a9146
Page 1 of 37
Back12345Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close