MyBB My Arcade Plugin 1.3 - Cross-Site Scripting

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on: Ubuntu...

foreman: Stored XSS in org/loc wizard

A vulnerability was found in foreman 1.14.0. When creating an organization or location in Foreman, if the name contains HTML then the second step of the wizard /organizations/id/step2 will render the HTML. This occurs in the alertbox on the page. The result is a stored XSS attack if an...

CVE-2018-1184

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Boxmgmt CLI may allow a malicious user with boxmgmt privileges to bypass Boxmgmt CLI and r...

Unauthorized access vulnerability in Xiaomi Box

Xiaomi Box is a high-definition Internet TV box. Xiaomi Box suffers from an unauthorized access vulnerability, which is due to the failure of the Xiaomi Box server to verify authorization for service access. An attacker can use this vulnerability to install and uninstall applications, play...

Buffer overflow

A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action...

CVE-2017-17946

A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action...

CVE-2017-17946

A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action...

Web Application Vulnerability Scanner: Wapiti

Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti act...

Wapiti 3.0.0 - The Web-Application Vulnerability Scanner

Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans it does not study the source code of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of...

Meltdown Exploit PoC

Speculative optimizations execute code in a non-secure manner leaving data traces in microarchitecture such as cache. Refer to the paper by Lipp et. al 2017 for details: https://meltdownattack.com/meltdown.pdf. Can only dump linuxprocbanner at the moment, since requires accessed memory to be in...

Microsoft SharePoint Limited Access Permission Bypass

vulnerability Title: Microsoft SharePoint 'Limited Access' Permission Bypass This vulnerability was discovered by 'Behnam Vanda' January 07, 2018 ====================== I. About Vulnerability ====================== A permission level bypass vulnerability has been identified in microsoft sharePoin...

[SECURITY] Fedora 27 Update: shellinabox-2.20-5.fc27

Shell In A Box implements a web server that can export arbitrary command li ne tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins...

spareyourpowercharger.com XSS vulnerability

Open Bug Bounty ID: OBB-459811 Description| Value ---|--- Affected Website:| spareyourpowercharger.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventi...

[SECURITY] Fedora 26 Update: shellinabox-2.20-5.fc26

Shell In A Box implements a web server that can export arbitrary command li ne tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins...

UBUNTU-CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

Multiple Mediaburst/Clockwork Plugins - Cross-Site Scripting (XSS)

Reflected XSS via GET parameter "to". Vulnerable Plugins: ------------------------------------------ 1. Clockwork Free and Paid SMS Notifications URL: https://wordpress.org/plugins/mediaburst-email-to-sms/ Version 2.0.3 | By Clockwork 2. Two-Factor Authentication - Clockwork SMS URL:...

Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation Exploit

Exploit for macOS platform in category local exploits A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmw... The initial patch they released was 4.0.21 which unfortunately...

WordPress Emag Marketplace Connector Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up a personal blog site.Emag Marketplace Connector plugin is used in which a can be WooCommerec store and the The eMAG Marketplace...

GHSA-653M-R33X-39FF Geminabox contains Cross-site Scripting

Stored cross-site scripting XSS vulnerability in "geminabox" Gem in a Box before 0.13.10 allows attackers to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to views/gem.erb and views/index.erb...

box-team-tommy.de XSS vulnerability

Open Bug Bounty ID: OBB-440923 Description| Value ---|--- Affected Website:| box-team-tommy.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...