4196 matches found

CNVD
added 2017/04/06 12:0 a.m. | 3 views

Schneider Modicon M221CE16R Hard-Coded Vulnerability

The Modicon M221CE16R is an all-in-one programmable controller from Schneider Electric Co. The Schneider Modicon M221CE16R is vulnerable to a hard-coded vulnerability where XML files are AES-CBC encrypted, but the key used for encryption is hard-coded and cannot be changed. After decrypting the X...

7 AI score
Exploits 0 | References 1

n0where
added 2017/03/31 5:0 a.m. | 28 views

OSINT Gathering Tool: Inquisitor

OSINT Gathering Tool Inquisitor is a simple for gathering information on companies and organizations through the use of Open Source Intelligence OSINT sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to...

0.5 AI score
Exploits 0 | References 1

Kitploit
added 2017/03/27 2:30 p.m. | 40 views

inquisitor - OSINT Gathering Tool for Companies and Organizations

Inquisitor is a simple for gathering information on companies and organizations through the use of Open Source Intelligence OSINT sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to belong to the target...

7.2 AI score
Exploits 0 | References 1

Prion
added 2017/03/21 4:59 p.m. | 20 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function...

6.8 CVSS | 7.2 AI score | 0.00494 EPSS
Exploits 0 | References 1

myhack58
added 2017/03/03 12:0 a.m. | 33 views

WordPress plugin vulnerabilities affect over 100 million websites-vulnerability warning-the black bar safety net

As our Sucuri firewall WAF, vulnerability research part of the project, in order to find the existence of security issues, we have audited the plurality of open source projects. When audit WordPress “NextGEN” Gallery plugin, we found a serious SQL injection vulnerabilities. The vulnerability allows an...

Exploits 0

Packet Storm
added 2017/02/22 12:0 a.m. | 35 views

Joomla MediaLibrary Basic 3.5 SQL Injection

Exploit Title: Joomla! Component MediaLibrary Basic v3.5 - SQL Injection Google Dork: inurl:index.php?option=combooklibrary Date: 22.02.2017 Vendor Homepage: http://ordasoft.com/ Software Buy: https://extensions.joomla.org/extensions/extension/living/education-a-culture/medialibrary-basic/ Demo:...

1 AI score
Exploits 0

OpenVAS
added 2017/02/09 12:0 a.m. | 79 views

Schneider Electric Modicon M340 Devices Buffer Overflow Vulnerability (SEVD-2015-344-01)

Schneider Electric Modicon M340 devices are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

10 CVSS | 6.8 AI score | 0.07351 EPSS
Exploits 1 | References 2

Hacker One
added 2017/01/16 5:58 a.m. | 101 views

Nextcloud: HTTP-Basic Authentication on logs.nextcloud.com

Greetings, While visiting https://logs.nextcloud.com/ , I noticed that this server use HTTP-Basic Authentication. F152730 POC : ------ GET https://logs.nextcloud.com/ HTTP/1.1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.11; rv:50.0 Gecko/20100101 Firefox/50.0 Accept:...

0.4 AI score
Exploits 0

Microsoft KB
added 2017/01/07 12:0 a.m. | 54 views

MS14-011: Description of the security update for Visual Basic Scripting Edition (VBScript) 5.7: February 11, 2014

MS14-011: Description of the security update for Visual Basic Scripting Edition VBScript 5.7: February 11, 2014 INTRODUCTION Microsoft has released security bulletin MS14-011. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

6.3 AI score
Exploits 0

CNVD
added 2017/01/06 12:0 a.m. | 3 views

SQL Injection Vulnerability in Haixie Zhikang Base Platform

Haixie Zhikang Basic Platform is a management system for food and beverage and pharmaceuticals. A SQL injection vulnerability exists in the Haixie Zhikang Basic Platform login, which can be exploited by attackers to obtain sensitive information from the website database...

7.6 AI score
Exploits 0

Hacker One
added 2016/12/01 11:2 p.m. | 40 views

WordPress: Wordpress 4.7 - CSRF -> HTTP SSRF any private ip:port and basic-auth

Description This report is a variant on report 110801 but with broader vector. 110801 was a XSRF SSRF that allowed unintended GET requests to 0.0.0.0 on port 80, 443 and 8080. This vulnerability uses same entry vector of the press this scrape function but entirely bypasses the ip and port filter...

6.9 AI score
Exploits 0

Packet Storm
added 2016/11/07 12:0 a.m. | 58 views

SweetRice 1.5.1 Cross Site Request Forgery / Cross Site Scripting

alert1' alert1 3. Xss in Page Limit: Payload should inject in cookies. Vulnerable Parameter : pagelimit Headers : GET /as/?appmode=database&plugin=App&type=plugin& HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 Windows NT 10.0; rv:49.0 Gecko/20100101 Firefox/49.0 Accept:...

Exploits 0

Exploit DB
added 2016/11/06 12:0 a.m. | 104 views

SweetRice 1.5.1 - Arbitrary File Upload

/usr/bin/python -- Coding: utf-8 -- Exploit Title: SweetRice 1.5.1 - Unrestricted File Upload Exploit Author: Ashiyane Digital Security Team Date: 03-11-2016 Vendor: http://www.basic-cms.org/ Software Link: http://www.basic-cms.org/attachment/sweetrice-1.5.1.zip Version: 1.5.1 Platform: WebApp -...

7.4 AI score
Exploits 0

0day.today
added 2016/11/03 12:0 a.m. | 19 views

SweetRice 1.5.1 - Arbitrary File Download Exploit

Exploit for php platform in category web applications /usr/bin/python -- Coding: utf-8 -- Exploit Title: SweetRice 1.5.1 - Local File Inclusion Exploit Author: Ashiyane Digital Security Team Date: 03-11-2016 Vendor: http://www.basic-cms.org/ Software Link:...

7.1 AI score
Exploits 0

n0where
added 2016/10/25 4:29 a.m. | 15 views

SSL Enabled Basic Auth Credential Harvester: phishery

An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector Phishery is a Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx Word document...

7.2 AI score
Exploits 0 | References 2

n0where
added 2016/10/07 2:40 p.m. | 27 views

CERT Basic Fuzzing Framework: BFF

CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...

0.4 AI score
Exploits 0 | References 1

OSV
added 2016/09/23 12:56 p.m. | 9 views

SUSE-SU-2016:2358-1 Security update for wget

This update for wget fixes the following issues: - CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed. bsc984060. - CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext and making them accessible to the current user only. bsc995964...

8.8 CVSS | 8.3 AI score | 0.45935 EPSS
Exploits 13 | References 6

CNVD
added 2016/09/20 12:0 a.m. | 4 views

Microsoft Office Information Disclosure Vulnerability (CNVD-2016-07925)

Microsoft Office is a suite of office software products developed by Microsoft. Visual Basic macros is one of the programming languages dedicated to performing common automation OLE tasks in desktop applications. An information disclosure vulnerability exists in Visual Basic macros in Microsoft...

6.5 CVSS | 6.3 AI score | 0.04897 EPSS
Exploits 0 | References 1

OSV
added 2016/09/14 10:59 a.m. | 2 views

CVE-2016-3375

The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to...

7.5 CVSS | 6.1 AI score | 0.17016 EPSS
Exploits 0 | References 4

OSV
added 2016/09/14 10:59 a.m. | 3 views

CVE-2016-0141

The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability."...

6.5 CVSS | 5.8 AI score | 0.04897 EPSS
Exploits 0 | References 3