ClassLink OneClick Browser Extension / Agent Universal XSS / Remote Code Execution

The ClassLink OneClick Browser Extension and the ClassLink Agent are vulnerable to Universal XSS and Remote Code Execution. Vendor has released software updates to fix both vulnerabilities on 3 June 2018. === Vendor === ClassLink: https://www.classlink.com === Vulnerability 1: Universal XSS throu...

Vivaldi 1.4.589.11 DLL Hijacking

Exploit Title: Vivaldi browser DLL Hijacking Author: Ashiyane Digital Security Team Vendor Homepage: https://vivaldi.com/ software link: https://downloads.vivaldi.com/stable/Vivaldi.1.4.589.11.exe Tested on:Windows 7 Date: 13-09-2016...

OneBlog 2.0 Cross Site Scripting

Exploit Title :----------------- : Oneblog v2.0 - postsnew.php - Stored XSS Author :------------------------ : Nassim Asrir Author Company :------------------------ : HenceForth Author Email :------------------------ : [email protected] Google Dork :---------------- : - Date...

WinSCP 5.9.1 DLL Hijacking

Exploit Title: WinSCP DLL Hijacking Exploit shcore.dll Date: 03-09-2016 Author: Ashiyane Digital Security Team Vendor Homepage:http://winscp.net/ Software Link: http://winscp.net/download/WinSCP-5.9.1-Setup.exe Version:5.9.1 Tested on:Windows 7 Exploit by : Amir.ght...

OoVoo 3.7.1 DLL Hijacking

Exploit Title: OoVoo DLL Hijacking Author: Ashiyane Digital Security Team Vendor Homepage:http://www.oovoo.com/ Version: 3.7.1 Tested on:Windows 7 ---------------------------------------------------------------------------------------------------------- vulnerable DLLs :...

Android security development of ZIP file directory traversal-vulnerability warning-the black bar safety net

ZIP compressed package file to allow the presence of“../”string, an attacker can carefully construct the ZIP file, use multiple“../”thereby changing the ZIP package to a file in the storage position, the cover to replace the application the original file. If the overwritten file is available. so...

Microsoft-Office-Word-2007-RTF

Title : Microsoft Office Word 2007 - RTF Object Confusion ASLR and DEP bypass Date : 28/02/2015 Author : R-73eN Software : Microsoft Office Word 2007 Tested : Windows 7 Starter import sys Windows Message Box / all versions shellcode =...

Microsoft Word 2007 - RTF Object Confusion (ASLR + DEP Bypass)

Microsoft Word 2007 - RTF Object Confusion ASLR + DEP Bypass Title : Microsoft Office Word 2007 - RTF Object Confusion ASLR and DEP bypass Date : 28/02/2015 Author : R-73eN Software : Microsoft Office Word 2007 Tested : Windows 7 Starter import sys Windows Message Box / all versions . Thanks to...

DCOM the front of the pass to kill the vulnerability ms03-0 4 3 The use of code-vulnerability warning-the black bar safety net

Because you can go udp135 and UDP1024 more than one dynamic port, when many engage in an APT opening-day network firewall-black ice the white list of the machine is also easy to get. I often say that the inside of that MSG vulnerabilities. Aware of the RPC of the importance of after, a series of...

Windows XP Pro Sp2 English "Message-Box" Shellcode

No description provided by source. +-----------------------------------------------------+ | Windows XP Pro Sp2 English Message-Box Shellcode. | +-----------------------------------------------------+ Size : 16 Bytes, Null-Free. Author : Aodrulez. Email : [email protected] Shellcode =...

PEamp (.mp3) Memory Corruption PoC

No description provided by source. /Title: PEamp .mp3 Memmory Corruption PoC Author: Ayrbyte Link: http:www.softpedia.com/get/Multimedia/Audio/Audio-Players/mp3player.shtml Versi: v1.02b Tested on: Windows 7 Fb: facebook.com/Ayrbyte Greetz To : all CREMY Family, and for all indonesian indonesian...

PrestaShop <= 1.5.1 Persistent XSS Vulnerability

Exploit for php platform in category web applications PrestaShop or embed src='data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc 3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9y Zy8xOTk5L3hsaW5rIiB2ZXJza...

PrestaShop 1.5.1 Cross Site Scripting

PrestaShop or embed src='data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc 3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9y Zy8xOTk5L3hsaW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAi...

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

No description provided by source. ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to return inside an ASCII...

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

Exploit for windows platform in category local exploits ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to...

win32/xp sp2 ARABIC (ar) Message Box Shellcode (87 bytes)

Title : Windows XP SP2 ARABIC ar Message Box Shellcode 87 bytes Author :TrOoN E-mail : email protected | Facebook : www.facebook.com/fysl.fyslm Home : city 617 logts : Draria . algeria Web Site : www.1337day.com platform : WinDows sp2 arabiC Type : shell COde | etc... WARNING : Windows XP SP2...

Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting

=================================================================================== Dominant Creature BBG/RPG browser game XSS vulnerabilities =================================================================================== Exploit Title: Dominant Creature BBG/RPG browser game XSS...

SunlitGreen BatchBlitz DLL Hijacking

/ SunlitGreen BatchBlitz DLL Hijacking Exploit fwpuclnt.dll Author : anT!-Tr0J4n Greetz : Dev-PoinT.com inj3ct0r.com All Dev-poinT members and my friends Email : D3v-PoinTathotmaild0tcom & C1EHatHotmaild0tcom Software Link:http://www.sunlitgreen.com Tested on: Windows XP sp3 Description:SunlitGre...

Sothink SWD Decompiler DLL Hijacking

/ Sothink SWF Decompiler DLL Hijacking Exploit dwmapi.dll Author : anT!-Tr0J4n Greetz : Dev-PoinT.com inj3ct0r.com ,All Dev-poinT members and my friends Email : [email protected] & [email protected] Software Link:http://www.sothink.com/ Tested on: Windows XP sp3 how to use : Complile and renam...

Virtual DJ 6.1.2 DLL Hijacking Exploit

/ Description: Virtual DJ 6.1.2 Also vulnerable for DLL Preloading on hdjapi.dll while loading .mp3 content. Date: August 29, 2010 Author: Classity informatiebeveiliging PoC: Displaying message box, but can be replaced by DLL with arbitrary payload. / include define DllExport declspec dllexport...