exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files

CouchDB UUIDS Denial Of Service
Posted Mar 26, 2014
Authored by KrustyHack

CouchDB versions up to 1.5.0 suffer from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | c6a608654fa5592ef05092fa31b0f667e9d283fcfdd700bc26d2fcc069fe40e6

Related Files

Apache CouchDB Erlang Remote Code Execution
Posted Nov 2, 2022
Authored by 1F98D, jheysel-r7, Konstantin Burov, _sadshade, Milton Valencia | Site metasploit.com

In Apache CouchDB versions prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges.

tags | exploit
advisories | CVE-2022-24706
SHA-256 | adaa831a27cc8a7dbc13e63bb293d887542dcd7e9b4a0d6eb85acf4fc9076b08
Apache CouchDB 3.2.1 Remote Code Execution
Posted May 11, 2022
Authored by Konstantin Burov

Apache CouchDB version 3.2.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2022-24706
SHA-256 | f1687dd02add8cf6fd95b916d13ebd9d1a2a3752722f49c27c7755203c138d46
Apache CouchDB 2.3.1 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 22, 2019
Authored by Ozer Goker

Apache CouchDB version 2.3.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, csrf
SHA-256 | a8151accf125aaa23c543cc976db64a284b1027c29596ce6a1104e9da5b5eb45
Apache CouchDB 2.3.0 Cross Site Scripting
Posted Feb 18, 2019
Authored by Ozer Goker

Apache CouchDB version 2.3.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 254a41d5efcfb8e353d98e826e4ea9db25e1337b6a73870abb1e55158dee2698
Apache CouchDB 2.3.0 Cross Site Request Forgery
Posted Jan 3, 2019
Authored by Ozer Goker

Apache CouchDB version 2.3.0 suffers from cross site request forgery vulnerabilities providing there's a loose CORs policy.

tags | exploit, vulnerability, csrf
SHA-256 | 6678d3e21c0a5997e827adc0f476c65d1375706727fd7f23aad5cecb3f28f4c0
Apache CouchDB Remote Code Execution
Posted Jun 21, 2018
Authored by Cody Zacharias

Apache CouchDB versions prior to 2.1.0 remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2017-12636
SHA-256 | ab8707eb0c1362d2ee6b04feda50214c30fb3a36f58e891f9b7dd244982cac5f
Apache CouchDB 1.7.0 / 2.x Remote Privilege Escalation
Posted Apr 23, 2018
Authored by Sebastian Castro

Apache CouchDB versions 1.7.0 and 2.x before 2.1.1 suffer from a remote privilege escalation vulnerability.

tags | exploit, remote
advisories | CVE-2017-12635
SHA-256 | 525d67ae1bd8cce85c38aefe50c57f261d94efb9be445529a511817757bd7d95
Apache CouchDB 1.0.3 / 1.1.1 / 1.2.0 JSONP Adobe Code Execution
Posted Jan 14, 2013
Authored by Jan Lehnardt | Site couchdb.apache.org

A hand-crafted JSONP callback and response can be used to run arbitrary code inside client-side browsers via Adobe Flash in Apache CouchDB versions up to and including 1.0.3, 1.1.1, and 1.2.0.

tags | advisory, arbitrary
advisories | CVE-2012-5649
SHA-256 | 5a2dd81bafd715b2feba5ff5376839517a8c160f8e3cf3ca974c5d881e77a6d6
Apache CouchDB 1.0.3 / 1.1.1 / 1.2.0 Cross Site Scripting
Posted Jan 14, 2013
Authored by Jan Lehnardt | Site couchdb.apache.org

Apache CouchDB versions up to and including 1.0.3, 1.1.1, and 1.2.0 are vulnerable to a DOM based cross site scripting issue.

tags | advisory, xss
advisories | CVE-2012-5650
SHA-256 | c4a4d0ab65eac5dc5149ee6760f776cab2bbc0d6b3d641a0e367abd408c3dd9f
Apache CouchDB 1.0.3 / 1.1.1 / 1.2.0 Information Disclosure
Posted Jan 14, 2013
Authored by Jan Lehnardt | Site couchdb.apache.org

Apache CouchDB versions up to and including 1.0.3, 1.1.1, and 1.2.0 are vulnerable to an information disclosure vulnerability via unescaped backslashes in URLs on Windows.

tags | advisory, info disclosure
systems | windows
advisories | CVE-2012-5641
SHA-256 | 695edda9ff914489aa4029a5b2464d213b6047fda517767aad52f0a0fcaa41c1
Apache CouchDB Cross Site Scripting
Posted Jan 31, 2011
Authored by Jan Lehnardt | Site couchdb.apache.org

Apache CouchDB versions 0.8.0 through 1.0.1 suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2010-3854
SHA-256 | aec2effc07ba1f9df510a896ba42a83ba1b28cab85adc9b70e9e09f59b56c267
Apache CouchDB Cross Site Request Forgery
Posted Aug 17, 2010
Authored by Jan Lehnardt | Site couchdb.apache.org

Apache CouchDB versions prior to version 0.11.1 are vulnerable to cross site request forgery (CSRF) attacks. A malicious website can POST arbitrary JavaScript code to well known CouchDB installation URLs (like http://localhost:5984/) and make the browser execute the injected JavaScript in the security context of CouchDB's admin interface Futon.

tags | advisory, web, arbitrary, javascript, csrf
SHA-256 | 8d09452fd99f2a9bde805d6d65592ab8d21f59caa9061c042dfef6dc38b7b5e5
Apache CouchDB Timing Attack
Posted Apr 1, 2010
Authored by Jason Davies | Site couchdb.apache.org

Apache CouchDB versions prior to version 0.11.0 are vulnerable to timing attacks, also known as side-channel information leakage, due to using simple break-on-inequality string comparisons when verifying hashes and passwords.

tags | advisory
advisories | CVE-2010-0009
SHA-256 | bbe4edeb361a96c9e551e286e2cd996324760c3fa8fc5cad42081d50e8efd871
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close