Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation

Exploit Title: PonyOS = 3.0 ELF loader privilege escalation Google Dork: if applicable Date: 29th May 2015 Exploit Author: Hacker Fantastic Vendor Homepage: www.ponyos.org Software Link: download link if available Version: 3.0 Tested on: 3.0 CVE : N/A Source:...

Ruby Web Applications Vulnerability Scanner: Yasuo

Ruby Web Applications Vulnerability Scanner Yasuo is a ruby script that scans for vulnerable 3rd-party web applications While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us ...

YASUO - Scans for Vulnerable & Exploitable 3rd-party Web Applications

Yasuo is a ruby script that scans for vulnerable 3rd-party web applications. While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us to compromise the remote server by exploiti...

Wordpess Simple Photo Gallery Blind SQLi Vulnerability

WordPress Simple Photo Gallery is prone to blind SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

RM Downloader 2.7.5.400 Local Buffer Overflow

Author: TUNISIAN CYBER + Exploit Title: RM Downloader v2.7.5.400 Local Buffer Overflow MSF + Date: 25-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Vendor:...

WordPress < 4.2.1 Comments Stored XSS Vulnerability

WordPress is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Simple Ads Manager Plugin < 2.7.97 Multiple Vulnerabilities - Active Check

The WordPress Simple Ads Manager plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Beacon（Fiberhome）HG-1 1 0 device directory traversal vulnerability study-vulnerability warning-the black bar safety net

Know Chong Yu security research group 2 0 1 5 . 0 3 . 3 1 This article PDF Download: fiberhome HG-1 1 0 device recorded traversal vulnerability study 1. Updates Edition: first edition Time: 2015 / 3 / 31 Description: The first edition of the complete 2. Vulnerability summary Recently, foreign...

Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow

!/usr/bin/env python + Author: TUNISIAN CYBER + Exploit Title: Mini-sream Ripper v2.7.7.100 Local Buffer Overflow + Date: 25-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Vendor:...

Apache Axis2 < 1.5.2 'engagingglobally' XSS Vulnerability

Apache Axis2 is prone to a cross-site scripting XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

ClipBucket 'view_item.php' SQL Injection Vulnerability

ClipBucket is prone to blind sql injection vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PHPMoAdmin RCE Vulnerability (Mar 2015) - Active Check

PHPMoAdmin is prone to a remote code execution RCE vulnerability because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

BullGuard Internet Security 'BdAgent.sys' Driver Privilege Escalation Vulnerability

BullGuard Internet Security is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

u5CMS 3.9.3 (thumb.php) Local File Inclusion Vulnerability

Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description u5CMS suffers from an authenticat...

WP Symposium Plugin for WordPress Arbitrary File Upload

Added: 01/29/2015 BID: 71686 OSVDB: 116046 Background WP Symposium is a social network plugin for WordPress. Problem WP Symposium Plugin for WordPress contains a vulnerability that allows a remote attacker to execute arbitrary PHP code. This vulnerability is due to the...

VideoLAN VLC Media Player 2.1.5 - DEP Access Violation

VideoLAN VLC Media Player 2.1.5 - DEP Access Violation Title : VLC Player 2.1.5 DEP Access Violation Vulnerability Discoverer: Veysel HATAS @muh4f1z Web page : www.binarysniper.net Vendor : VideoLAN VLC Project Test: Windows XP SP3 Status: Fixed Severity : High CVE ID : CVE-2014-9597 NIST:...

MinaliC-Webserver-2.0.0

Exploit Title: MinaliC Webserver buffer overflow Date: 12 Apr 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 import socket import struct 74 bytes calc.exe from...

ProjectSend r-561 - Arbitrary File Upload Exploit

Exploit for php platform in category web applications !/usr/bin/python Exploit Title: ProjectSend r-651 File Upload Date: December 01, 2014 Exploit Author: Fady Mohamed Osman Exploit-db id:2986 Vendor Homepage: http://www.projectsend.org/ Software Link: http://www.projectsend.org/download/67/...

iBackup Local Privilege Escalation Vulnerability - Windows

iBackup is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

. NET remote code execution MS14-0 2 6/CVE-2 0 1 4-1 8 0 6-a vulnerability warning-the black bar safety net

今天 看 到 小 猪 在 safekey 的 群 里面 说 关注 了 很 久 了 一 个 .NET a remote code execution vulnerability exp discloses, then immediately go to exploit-db to find the next find the it. This is Microsoft in 1 4 years 5 months has released a patch for a vulnerability that is MS14-0 2 6/CVE-2 0 1 4-1 8 0 6, bug the...