2495 matches found

Tenable Nessus
added 2015/08/06 12:0 a.m. | 66 views

Symantec Endpoint Protection Manager 11.x / 12.x < 12.1 RU6 MP1 Multiple Vulnerabilities (SYM15-007)

The version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is prior to 12.1 RU6 MP1. It is, therefore, affected by the following vulnerabilities: - A flaw exists in the password reset functionality that allows a remote attacker, using a crafted password reset action, t...

8.5 CVSS | 6.7 AI score | 0.64487 EPSS
Exploits: 9 | References: 10
Exploit DB
added 2015/07/08 12:0 a.m. | 33 views

WordPress Plugin Easy2Map 1.24 - SQL Injection

Title: SQL Injection in easy2map wordpress plugin v1.24 Author: Larry W. Cashdollar, @larry0 Date: 2015-06-08 Download Site: https://wordpress.org/plugins/easy2map Vendor: Steven Ellis Vendor Notified: 2015-06-08, fixed in v1.25 Vendor Contact: https://profiles.wordpress.org/stevenellis/ Advisory...

7.4 AI score
Exploits: 0
Exploit DB
added 2015/06/06 12:0 a.m. | 29 views

WiFi HD 8.1 - Directory Traversal / Denial of Service

Exploit Title: WiFi HD 8.1 - Directory Traversal and Denial of Service Date: 2015-05-27 Exploit Author: Wh1t3Rh1n0 Michael Allen Vendor Homepage: http://www.savysoda.com Software Link: http://www.savysoda.com/WiFiHD/ Version: 8.1 Apr 1, 2015 Tested on: iPhone Disclosure Timeline: 2015-05-30: Vend...

7 AI score
Exploits: 0
Debian
added 2015/05/30 8:45 p.m. | 34 views

[SECURITY] [DLA 235-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.2.0-2+deb6u4 CVE ID : CVE-2011-0188 CVE-2011-2705 CVE-2012-4522 CVE-2013-0256 CVE-2013-2065 CVE-2015-1855 CVE-2011-0188 The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and oth...

6.8 CVSS | 6.8 AI score | 0.03592 EPSS
Exploits: 2
CNVD
added 2015/05/21 12:0 a.m. | 1 views

Docker Engine Arbitrary File Manipulation Vulnerability

Docker Engine is a set of lightweight runtime environments and package management tools from Docker, Inc. An arbitrary file manipulation vulnerability exists in versions of Docker Engine prior to 1.6.1, which allows local users to overwrite files in /proc by setting arbitrary Linux security modul...

3.6 CVSS | 6.5 AI score | 0.00567 EPSS
Exploits: 0 | References: 1
UbuntuCve
added 2015/05/18 3:59 p.m. | 72 views

CVE-2015-3306

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands...

10 CVSS | 7.3 AI score | 0.96803 EPSS
Exploits: 21 | References: 3
Packet Storm
added 2015/04/18 12:0 a.m. | 1309 views

ProFTPd 1.3.5 File Copy

Description TJ Saunders 2015-04-07 16:35:03 UTC Vadim Melihow reported a critical issue with proftpd installations that use the mod_copy module's SITE CPFR/SITE CPTO commands; mod_copy allows these commands to be used by unauthenticated clients: Trying...

10 CVSS | 8.7 AI score | 0.96803 EPSS
Exploits: 21
Cvelist
added 2015/04/05 1:0 a.m. | 25 views

CVE-2015-0932

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on por...

7.3 AI score | 0.0559 EPSS
Exploits: 1 | References: 4
Kaspersky
added 2015/03/30 12:0 a.m. | 78 views

KLA10515 Multiple vulnerabilities in PHP and extensions

Multiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be exploited remotely via a specially designed year...

7.5 CVSS | 9.1 AI score | 0.42593 EPSS
Exploits: 7 | References: 2
seebug.org
added 2015/03/24 12:0 a.m. | 51 views

Qibo Blog 1.0 /blog/require/ajax/ol_module.php Local File Inclusion Vulnerability

/blog/require/ajax/olmodule.phpif$step==2 $uid=$lfjuid; @include"template/space/module/$moduleid.php"; /* make newly added modules draggable */ //$ThisModule$moduleid=strreplace'class="head"','class="head" onMouseOver="Drag.inint;"',$ThisModule$moduleid; if!$ThisModule$moduleid...

7.1 AI score
Exploits: 0
seebug.org
added 2015/03/24 12:0 a.m. | 13 views

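KingCms latest version: front-end GetShell again

Brief description: KingCms latest version: front-end GetShell again. Details: A friend's company wanted to buy a kingcms license and asked me to take a look. I found that kingcms had not been updated for a long time; after holding back for a while it released the latest version, k9 (updated 2014-12-13), so I downloaded it from the official site to study it. I saw several vulnerabilities on wooyun, such as: WooYun: kingcms latest version SQL injection vulnerability. Only a regular user is needed to complete the getshell. The problem is here: /apps/block/manage.php function edit $u=new user;$u-authrole'blockedit'; ifempty$POST'name'...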

7 AI score
Exploits: 0
exploitpack
added 2015/03/19 12:0 a.m. | 14 views

FastStone Image Viewer 5.3 - .tga Crash (PoC)

FastStone Image Viewer 5.3 - .tga Crash PoC Exploit Title : FastStoneImage Viewer Corrupted tga IMAGESPECIFICATION.Width Crash POC Product : FastStoneImage Viewer Date : 25.02.2015 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link :...

0.5 AI score
Exploits: 0
0day.today
added 2015/03/07 12:0 a.m. | 25 views

VFU 4.10-1.1 - Move Entry Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit Title: VFU Move Entry Buffer Overflow Date: 2015-02-25 Exploit Author: Bas van den Berg -- @barrebas Vendor Homepage: http://cade.datamax.bg/ Software Link: http://cade.datamax.bg/vfu/download Version: 4.10-1.1 Tested on: GNU/Linux Kal...

6.8 AI score
Exploits: 0
FreeBSD
added 2015/02/24 12:0 a.m. | 37 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...

7.5 CVSS | 8.1 AI score | 0.06029 EPSS
Exploits: 0 | References: 18
Packet Storm
added 2015/01/23 12:0 a.m. | 17 views

Program-O 2.4.6 XSS / LFI / HTTP Response Splitting

Document Title: =============== Program-O v2.4.6 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1414 Release Date: ============= 2015-01-21 Vulnerability Laboratory ID VL-ID: ==================================== 1414 Commo...

7.4 AI score
Exploits: 0
Vulnerability Lab
added 2015/01/21 12:0 a.m. | 22 views

Program-O v2.4.6 - Multiple Web Vulnerabilities

Document Title: =============== Program-O v2.4.6 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1414 Release Date: ============= 2015-01-21 Vulnerability Laboratory ID VL-ID: ==================================== 1414 Commo...

7.1 AI score
Exploits: 0
exploitpack
added 2015/01/04 4:13 p.m. | 40 views

Windows-OLE-Package-Manager

Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Vendor Homepage: microsoft.com Tested on: Win7Sp1 64 bit - Microsoft Office 2013 Plus Demo: http://youtu.be/ljjEkhflpv import os import zipfile import sys ''' Very quick and ugly SandWorm...

9.3 CVSS | 8 AI score | 0.81628 EPSS
Exploits: 22
Packet Storm
added 2014/12/29 12:0 a.m. | 19 views

WordPress Dmsguestbook Unauthenticated Data Injection

http://packetstormsecurity.com/user/evex/ Author:Evex Title: WordPress dmsguestbook Plugin File Manipulation Description: wordpress dmsguestbook plugin is vulnerable to a file manipulation security issue it allows an unauthenticated attacker to put text into existing text files only " . "saved",...

1 AI score
Exploits: 0
myhack58
added 2014/12/10 12:0 a.m. | 30 views

OHOCMS exposed 0day vulnerabilities - government system faced a serious threat - vulnerability warning - the black bar safety net

Recently, the Ann constant information security researcher found multiple vulnerabilities in the government system “OHOCMS”, which is currently used at a very high rate in the domestic government, education, public security, healthcare and other sectors, including arbitrary file upload, arbitrary file...

0.7 AI score
Exploits: 0
seebug.org
added 2014/12/09 12:0 a.m. | 25 views

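shopex CSRF database dump, arbitrary file deletion, file write to shell

Brief description: shopex CSRF database dump, arbitrary file deletion, file write to shell. Details: All of the vulnerabilities stem from a single CSRF, so let's look at them one by one: Install the latest version of shopex: ctl.backup.php: function backup ifconstant'SAASMODE' exit; header"Content-type:text/html;charset=utf-8"; $params'sizelimit' = 1024; $params'filename' = $GET"filename"==""?date"YmdHis", time:$GET"filename";...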

7.7 AI score
Exploits: 0