D-Link DSR Router Remote Root Shell

!/usr/bin/python CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution Vulnerable Routers: D-Link DSR-150 Firmware v1.08B44 D-Link DSR-150N Firmware v1.05B64 D-Link DSR-250 and DSR-250N Firmware v1.08B44 D-Link DSR-500 and...

D-Link DSR Router Series - Remote Root Shell Exploit

This is a brief overview of the unauthenticated non-persistent remote root shell vulnerability in various D-Link DSR routers. Versions affected include D-Link DSR-150 Firmware v1.08B44, D-Link DSR-150N Firmware v1.05B64, D-Link DSR-250 and DSR-250N Firmware v1.08B44, D-Link DSR-500 and DSR-500N...

XSS when attaching a file to an issue

Hi, I found a persistent XSS vulnerability when attaching a file to an issue. The steps to reproduce are the following : - Attach a file to an issue. Its name must contain "alert'XSS'". I used a python script to do that. - Browse to the issue and open the ALL tab under activity. A popup should...

XSS when attaching a file to an issue

Hi, I found a persistent XSS vulnerability when attaching a file to an issue. The steps to reproduce are the following : - Attach a file to an issue. Its name must contain "alert'XSS'". I used a python script to do that. - Browse to the issue and open the ALL tab under activity. A popup should...

Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability

Document Title: =============== Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1157 Release Date: ============= 2013-12-05 Vulnerability Laboratory ID VL-ID: ====================================...

SonicWALL Gms 7.x - Filter Bypass Persistent

SonicWALL Gms 7.x - Filter Bypass Persistent Document Title: =============== Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1099 Bulletin: Dell SonicWALL GMS Service Bulletin for Cross-Site...

Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability

Document Title: =============== Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1157 Release Date: ============= 2013-12-05 Vulnerability Laboratory ID VL-ID: ====================================...

SonicWALL Gms 7.x - Filter Bypass / Persistent

Document Title: =============== Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1099 Bulletin: Dell SonicWALL GMS Service Bulletin for Cross-Site Scripting Vulnerability...

Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability

Document Title: =============== Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1099 Bulletin: Dell SonicWALL GMS Service Bulletin for Cross-Site Scripting Vulnerability...

Google Gmail IOS Mobile Application - Persistent / Stored XSS Vulnerability

Exploit for iOS platform in category web applications Google Gmail IOS Mobile Application - Persistent / Stored XSS Introduction: ============= Gmail is a free, advertising-supported email service provided by Google. Users may access Gmail as secure webmail, as well as via POP3 or IMAP4 protocols...

ImpressPages CMS 3.8 - Persistent Cross-Site Scripting

ImpressPages CMS 3.8 - Persistent Cross-Site Scripting Exploit Title:stored vulnerability Author: sajith version: ImpressPages CMS v3.8 vulnerable app link:http://www.impresspages.org/download/ steps: 1 log into the admin panel http://127.0.0.1/cms/ImpressPages/?cmsaction=manage 2click on advance...

PayPal GP+ Cross Site Scripting

Document Title: =============== Paypal Inc Bug Bounty 47 ALYZ - Persistent Search Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=807 PayPal Security UID: dx1f89rtd Release Date: ============= 2013-11-19 Vulnerability Laboratory ID VL-ID:...

Paypal Inc BB #14 - Persistent Payment Mail Vulnerability

Document Title: =============== Paypal Inc BB 14 - Persistent Payment Mail Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=651 Release Date: ============= 2013-11-19 Vulnerability Laboratory ID VL-ID: ==================================== 65...

Optomise System Ltd XSS / Information Disclosure

OPTOMISE SYSTEM Ltd UK Ministry of Defence and emergency services Full Directory Information Disclosure/ Persistent XSS / Time Line Vulnerability 04-11-2013 Security Advisory 07-11-2013 Ask About the Issues - Not Reponse 14-11-2013 Ask About the Issues- Not Response - Not Fixed 18-11-2013 Full...

Paypal Inc BB #47 ALYZ - Persistent Search Vulnerability

Document Title: =============== Paypal Inc BB 47 ALYZ - Persistent Search Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=807 PayPal Security UID: dx1f89rtd Release Date: ============= 2013-11-18 Vulnerability Laboratory ID VL-ID:...

PayPal Inc BB #42 - Persistent POST Inject Vulnerability

Document Title: =============== PayPal Inc BB 42 - Persistent POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=801 PayPal Security UID: kxy1ea5ech Release Date: ============= 2013-11-17 Vulnerability Laboratory ID VL-ID:...

PayPal Inc BB #42 - Persistent POST Inject Vulnerability

Document Title: =============== PayPal Inc BB 42 - Persistent POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=801 PayPal Security UID: kxy1ea5ech Release Date: ============= 2013-11-17 Vulnerability Laboratory ID VL-ID:...

LinkedIn Cross Site Scripting

============================================= INTERNET SECURITY AUDITORS ALERT 2013-005 - Original release date: 3rd March 2013 - Last revised: 10th March 2013 - Discovered by: Eduardo Garcia Melia - Severity: 5.2/10 CVSS Base Scored ============================================= I. VULNERABILITY...

Olat CMS 7.8.0.1 Cross Site Scripting

Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID: ====================================...

Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting

Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting Document Title: =============== Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1125 Release Date: ============= 2013-10-27 Vulnerability Laborato...