
7736 matches found

CNVD
added 2015/07/08 12:0 a.m., 2 views

Z-BLOG Blind-XXE Arbitrary File Read Vulnerability

Z-Blog is a blog program developed by RainbowSoft Studio, based on the ASP platform. Z-Blog has an arbitrary file read vulnerability. /zbsystem/xml-rpc/index.php directly calls simplexml_load_string to parse XML, resulting in XML entity injection; an attacker can read system files using the vulnerabilit...

7.1 AI score
Exploits: 0, References: 1
Metasploit
added 2015/07/02 8:29 p.m., 85 views

HTTP Client Automatic Exploiter 2 (Browser Autopwn)

This module will automatically serve browser exploits. Here are the options you can configure: The INCLUDEPATTERN option allows you to specify the kind of exploits to be loaded. For example, if you wish to load just Adobe Flash exploits, then you can set Include to 'adobeflash'. The EXCLUDEPATTER...

6.7 AI score
Exploits: 0
myhack58
added 2015/06/12 12:0 a.m., 43 views

Z-blog at the front Desk without signing in contains a vulnerability a gold-bug warning-the black bar safety net

http://www.zblogcn.com/zblogphp/ download The problem occurs in zbinstall/index.php I also notice a bit after the installation is complete is to write what's prompt The results of the installation Create the database! zblog Connect to the database and create a data table! Create and insert data...

0.2 AI score
Exploits: 0
myhack58
added 2015/06/12 12:0 a.m., 36 views

Z-BLOG Blind-XXE result in arbitrary file read vulnerability warning-the black bar safety net

Download the latest version of Z-Blog: http://bbs.zblogcn.com/thread-88670-1-1.html /zbsystem/xml-rpc/index.php line 641: $zbp->Load(); AddFilterPlugin('FilterPluginZbpShowError','RespondError'); $xmlstring = file_get_contents('php://input'); //Logs($xmlstring); $xml = simplexml_load_string($xmlstring); The...

0.5 AI score
Exploits: 0
Metasploit
added 2015/06/01 3:11 p.m., 26 views

Windows Interactive Powershell Session, Bind TCP

Listen for a connection and spawn an interactive powershell session This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' Extends the Exec payload run a powershell command module MetasploitModule...

Exploits: 0
Exploit DB
added 2015/06/01 12:0 a.m., 23 views

Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation

Exploit Title: PonyOS = 3.0 ELF loader privilege escalation Google Dork: if applicable Date: 29th May 2015 Exploit Author: Hacker Fantastic Vendor Homepage: www.ponyos.org Software Link: download link if available Version: 3.0 Tested on: 3.0 CVE : N/A Source:...

7.4 AI score
Exploits: 0
seebug.org
added 2015/05/27 12:0 a.m., 27 views

Qibo Blog /member/userinfo.php SQL Injection Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
n0where
added 2015/05/26 12:16 a.m., 16 views

WordPress FingerPrinter Tool: Plecost

Plecost is a vulnerability fingerprinting and vulnerability finder tool for the WordPress blog engine. Why? There are a huge number of WordPress installations around the world. Most of them are exposed to attack and to being converted into a virus, malware or illegal porn provider, without the knowledge of the blog owner...

7.4 AI score
Exploits: 0, References: 1
CISA
added 2015/05/19 12:0 a.m., 14 views

Google Releases Security Update for Chrome

Google has released Chrome version 43.0.2357.65 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrom...

7.1 AI score
Exploits: 0, References: 1
Patchstack
added 2015/05/15 12:0 a.m., 15 views

WordPress Encrypted Blog Plugin <= 0.0.6.2 - Arbitrary Site Redirection

This plugin is prone to an arbitrary site redirection via the encryptblogform.php redirectto parameter. Solution: Upgrade this plugin...

4 AI score
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2015/05/15 12:0 a.m., 7 views

WordPress Encrypted Blog Plugin <= 0.0.6.2 - Reflected Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability via the encryptblogform.php redirectto parameter. Solution: Update the plugin...

2.9 AI score
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2015/05/15 12:0 a.m., 8 views

WordPress Encrypted Blog Plugin <= 0.0.6.2 - Reflected Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability via the encryptblogform.php redirectto parameter. Solution: Update the plugin...

2.9 AI score
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2015/05/15 12:0 a.m., 14 views

WordPress Encrypted Blog Plugin <= 0.0.6.2 - Arbitrary Site Redirection

This plugin is prone to an arbitrary site redirection via the encryptblogform.php redirectto parameter. Solution: Upgrade this plugin...

4 AI score
Exploits: 0, References: 1, Affected Software: 1
Atlassian
added 2015/05/13 11:2 p.m., 20 views

Space permissions ignored in list of blog posts by date

h3. Summary Users have the ability to view a list of all blog posts, even from spaces in which they don't have permission to access. h3. Steps to Reproduce Install Confluence 5.7.x Create two spaces Space A Space B remove all permissions for confluence-users Create a blog post in Space A Create a...

6.9 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2015/05/13 11:2 p.m., 17 views

Space permissions ignored in list of blog posts by date

h3. Summary Users have the ability to view a list of all blog posts, even from spaces in which they don't have permission to access. h3. Steps to Reproduce Install Confluence 5.7.x Create two spaces Space A Space B remove all permissions for confluence-users Create a blog post in Space A Create a...

6.9 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2015/05/13 11:2 p.m., 24 views

Space permissions ignored in list of blog posts by date

h3. Summary Users have the ability to view a list of all blog posts, even from spaces in which they don't have permission to access. h3. Steps to Reproduce Install Confluence 5.7.x Create two spaces Space A Space B remove all permissions for confluence-users Create a blog post in Space A Create a...

6.9 AI score
Exploits: 0
CISA
added 2015/04/29 12:0 a.m., 12 views

Google Releases Security Update for Chrome

Google has released Chrome version 42.0.2311.135 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrome...

7.1 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2015/04/17 12:0 a.m., 46 views

IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF15 Multiple Vulnerabilities

The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF15. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in 'Apache Commons HttpClient' that allows a man-in-the-middle attacker to spoof SSL servers via a certificate with a subject...

6.5 CVSS, 6.5 AI score, 0.09149 EPSS
Exploits: 1, References: 10
Exploit DB
added 2015/04/13 12:0 a.m., 47 views

Apple Mac OSX - 'Rootpipe' Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Mac OS X "Rootpipe" Privilege Escalation', 'Description' = %q This module exploits a hidden backdoor API in Apple's Admin framework ...

7.8 CVSS, 7.5 AI score, 0.09887 EPSS
Exploits: 16
Metasploit
added 2015/04/10 4:22 p.m., 48 views

Apple OS X Rootpipe Privilege Escalation

This module exploits a hidden backdoor API in Apple's Admin framework on Mac OS X to escalate privileges to root, dubbed "Rootpipe." This module was tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run...

7.8 CVSS, 9.1 AI score, 0.09887 EPSS
Exploits: 16