VLC Media Player Web Interface Cross Site Scripting Vulnerability (Dec 2015) - Windows

VLC media player is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2015-5273

creationtimestamp| type| source ---|---|--- 2015-12-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38835...

TECO SG2 FBD Client 3.51 SEH Overwrite Buffer Overflow Vulnerability

Summary SG2 Client is a program that enables to create and edit applications. The program is providing two edit modes, LADDER and FBD to rapidly and directly input the required app. The Simulation Mode allows users to virtually run and test the program before it is loaded to the controller...

Milton Webdav 2.7.0.1 XXE Injection Vulnerability

Milton Webdav version 2.7.0.1 suffers from an XXE injection vulnerability. I've recently found vulnerability in Milton Webdav 2.7.0.1 project page - http://milton.io/. Milton Webdav is a Java library for adding webdav capabilities to your applications. Milton Webdav supports PROPFIND, PROPPATCH a...

XPL-SEARCH - Search Exploits In Multiple Exploit Databases

XPL SEARCH Search exploits in multiple exploit databases! Exploit databases available: Exploit-DB MIlw0rm PacketStormSecurity IntelligentExploit IEDB CVE TO RUN THE SCRIPT PHP Version cli 5.5.8 or higher php5-cli Lib cURL support Enabled php5-curl Lib cURL Version 7.40.0 or higher allowurlfopen O...

PCMan FTP Server 2.0.7 - Directory Traversal

!/usr/bin/python title: PCMan FTP Server v2.0.7 Directory Traversal author: Jay Turla tested on Windows XP Service Pack 3 - English software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z description: PCMAN FTP 2.07 is vulnerable to Directory Traversal quick and...

ADH-Web Server IP-Cameras Multiple Improper Access Restrictions Vulnerabilities - Active Check

ADH-Web Server IP-Camera is prone to multiple access restrictions vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Exploit Search: XPL-Search

XPL SEARCH is a script made in PHP, to perform quick searches for vulnerabilities or exploits in multiple databases Dependencies: The XPL SEARCH is written in PHP and therefore, can be used both on Linux or Windows. The following items are required for the proper functioning of the script: PHP...

IKEView R60 - Local Buffer Overflow (SEH)

!/usr/bin/python EXPLOIT TITLE: IKEView R60 Buffer overflowSEH Local Exploit AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: hyp3rlinx Date of Testing: 17th September 2015 Download Link : https://www.exploit-db.com/apps/e74a3dcf9bd8a2dd05026532fbf9bb36-IKEView.exe Tested On : Windows XP Service Pack 2...

Microsoft Office Products Insecure Library Loading Vulnerability

microsoft products is prone to insecure library loading vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security researcher exposure FireEye core product 0day vulnerabilities-vulnerability warning-the black bar safety net

Recently, researchers Kristian Erik Hermansen from the FireEye core product found a 0day vulnerability will result in unauthorized file disclosure. He also provides a short trigger vulnerability of the examples and the user database file copy. In addition, he also disclosed selling three other...

CVE-2015-3082

creationtimestamp| type| source ---|---|--- 2015-08-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37840...

Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow Exploit

Easy File Management Web Server version 5.6 suffers from a USERID remote buffer overflow vulnerability. !/usr/bin/python Exploit Title: Easy File Management Web Server v5.6 - USERID Remote Buffer Overflow Version: 5.6 Date: 2015-08-17 Author: Tracy Turben email protected Software Link:...

Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)

/ Exploit Title: Windows 2k3 SP2 TCP/IP IOCTL Privilege Escalation MS14-070 Date: 2015-08-10 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows 2003 SP2 x86 Tested on: Windows 2003 SP2 x...

烽火（Fiberhome）HG-110 设备目录穿越漏洞

知道创宇安全研究团队 2015 . 03 . 31一.漏洞概要近期，国外安全研究员发布了针对全球 ADSL 设备存在目录穿越漏洞的研究网页链接1，这个漏洞早在 2011 年就被提出了，影响烽火（Fiberhome）HG-110 型号设备网页链接2，本着学习的态度，笔者对该漏洞进行了一番考证，写在这里。a）漏洞描述烽火（Fiberhome）HG-110 型号设备目录穿越漏洞网页链接3，是由于 webproc 文件在处理参数 getpage 传递过来的文件访问时没有合适过滤，导致用户可以利用 ../../ 跳转访问 web 目录之外的系统文件。b）漏洞分析烽火（Fiberhome）HG-11...

Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure

!/usr/bin/python Exploit Title: Huawei Home Gateway password disclosure Date: June 27, 2015 Exploit Author: Fady Mohamed Osman @fadyosman Vendor Homepage: http://www.huawei.com/en/ Software Link: N/A. Version: UPnP/1.0 IGD/1.00 Tested on: HG530 - HG520b Provided by TE-DATA egypt Exploit-db :...

Syria2u You Shop 1.0 Cross Site Request Forgery / Cross Site Scripting

| Title : Syria2u You Shop v1.0 Mullti Vulnerability | Author : indoushka | email : [email protected] | Dork : سكربت يوشــوب للتسوق عبر الانترنت , قم باختيار المدينة ثم تمتع بالتسوق في مدينتك من أي مكان | Tested on: win8.1 Fr V.Pro 15:39 23/05/2015 | Bug : Mullti | Download :...

Syria2u Arbahtube 1.0 Cross Site Request Forgery / Cross Site Scripting

| Title : Syria2u Arbahtube v1.0 Mullti Vulnerability | Author : indoushka | email : [email protected] | Dork : Copyright ©2014 script syria2u version1. All Rights Reserved. | Tested on: win8.1 Fr V.Pro 15:39 22/05/2015 | Bug : Mullti | Download : http://www.syria2u.com/...

Hive 2.0 RC2 XSS / Code Execution / SQL Injection

| Title : Hive v2.0 RC2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : "Powered by DigitalHive" | Tested on: windows 8.1 Français V.Pro | Bug : Stop Script | Download : http:///www.digitalhive.com ======================================= Stop SCript working :...

QuickTalk 1.5 Password Hash Disclosure

| Title : QuickTalk 1.5 Reinstall Script Vulnerability | Author : indoushka | email : [email protected] | Dork : powered by QT-cute | Tested on: windows 8.1 Français V.Pro | Bug : Reinstall Script | Download : http://www.scriptmafia.org ======================================= 1 -...