CVE-2017-15383

Nero 7.10.1.0 has an unquoted BINARYPATHNAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILESx86%\Nero directory...

DeepService SSL VPN suffers from a local power lifting vulnerability

EasyConnect enables you to use all the systems and applications on your company's intranet outside the office. The EasyConnect PC Client version 7.1.0.4 has an exe hijacking vulnerability due to a space in the binary path Program Files and the entire path is not enclosed in double quotes, which...

Elevation of Privilege Vulnerability in Various Siemens Products (CNVD-2016-10732)

Founded in 1847, Siemens AG of Germany focuses on electrification, automation and digitalization. Siemens holds leading positions in offshore wind turbine construction, gas and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drives and...

InstantHMI 6.1 - Privilege Escalation

Exploit for windows platform in category local exploits Title: InstantHMI - EoP: User to ADMIN CWE Class: CWE-276: Incorrect Default Permissions Date: 01/06/2016 Vendor: Software Horizons Product: InstantHMI Version: 6.1 Download link: http://www.instanthmi.com/ihmisoftware.htm Tested on: Windows...

Internet-Haut-Debit-Mobile

Exploit Title:Internet Haut Debit Mobile Buffer Overflow SEH Software Link:https://app.box.com/s/4h9cm20hp5iiask8rwrm Poc video demo :http://www.youtube.com/watch?v=sAHfjmNHiow Version:PCWMATMARV1.0.0B03 Date found: 10.10.2013 Date published:10.10.2013 from struct import pack file="NetConfig.ini"...

KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)

No description provided by source. !-- KingView ActiveX Control KChartXY Remote File Creation / Overwrite Vendor: http://www.wellintech.com Version: KingView 6.53 Tested on: Windows XP SP3 / IE Download: http://www.wellintech.com/documents/KingView6.53EN.zip Author: Blake CLSID:...

Yahoo!: Yahoo! Messenger v11.5.0.228 emoticons.xml shortcut Value Handling Stack-Based Buffer Overflow

Thank you for your submission to Yahoo’s Bug Bounty program. While we recognize the effort that you put into the research and writing of a report for us to evaluate, we will take your report into consideration for any future releases. We appreciate your adherence to responsible disclosure...

Telnet-Ftp Service Server 1.0 Directory Traversal

Exploit Title: Telnet-Ftp Service Server v1.0 Directory Traversal Vulnerability Date Published: 2013/6/18 Exploit Author: Chako Software Link: http://telnet-ftp-server.en.softonic.com/ Version: v1.0 Build 1.218 Tested on: Windows Xp SP3 English Description: ===================== A vulnerability h...

NetDecision 4.5.1 HTTP Server Buffer Overflow

This module exploits a vulnerability found in NetDecision's HTTP service located in C:\Program Files\NetDecision\Bin\HttpSvr.exe. By supplying a long string of data to the URL, an overflow may occur if the data gets handled by HTTP Server's active window. In other words, in order to gain remote...

Vulnerability in Epson printer driver installer where access permissions are changed

Overview A vulnerability in printer driver installers provided by Epson cause access permissions to a certain folder on the system to be changed. When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files C:\Program Files are changed. A...

JVN#62736872: Vulnerability in Epson printer driver installer where access permissions are changed

When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files C:\Program Files are changed. As a result, users that do not have permission to access that folder can gain access to that folder. Impact A user that does not have permission to...

Safe Returner 1.27.5 Commandline Vulnerability

Exploit for windows platform in category local exploits ============================================== Safe Returner 1.27.5 Commandline Vulnerability ============================================== Exploit Title : Commandline vulnerability Date : 27 Oct 2010 Author : STRELiTZIA Software : Safe...

Borland Delphi 7 Crash

Exploit for windows platform in category dos / poc ====================== Borland Delphi 7 Crash ====================== Title : Borland Delphi 7 Crash Date : 27 Sept 2010 Author : STRELiTZIA Software : Delphi 7 Tested on : Windows Xp SP3 ============================ = Description =...

TrustPort Antivirus / TrustPort PC Security weak security permissions

Weak permissions for program files...

Media Jukebox 8 (.pls) Universal Local Buffer Exploit (SEH)

Exploit for unknown platform in category local exploits =========================================================== Media Jukebox 8 .pls Universal Local Buffer Exploit SEH =========================================================== !/usr/bin/python Media Jukebox 8 .pls Universal Local Buffer...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 admin.php, 2 custompages.php, 3 draft.php, 4 faq.php, 5 leagues.php, 6 livedraft.php, 7 login.php, 8 myteam.php, 9 profile.php, 10...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 programfiles/livedraft/livedraft.php or 2 programfiles/livedraft/admin.php...

Hosting Controller 7C - 'FolderManager.aspx' Directory Traversal

source: https://www.securityfocus.com/bid/21786/info Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver...

Alt-N MDaemon本地不安全默认目录权限漏洞

Alt-N MDaemon是一款基于Windows的邮件服务程序。 MDaemon在安装文件时没能设置正确的访问权限，本地攻击者可能利用此漏洞提升权限。 MDaemon默认下以不安全权限安装到了系统根目录的MDaemon文件夹中，允许Users组的成员创建文件和目录。本地攻击者可以通过将恶意的RASAPI32.DLL或MPRAPI.DLL库放置在MDaemon\APP目录中导致以系统权限执行任意代码。 Alt-N MDaemon 9.53 Alt-N MDaemon 9.51 Alt-N MDaemon 9.06 Alt-N MDaemon 9.0.5 临时解决方法：...

PT-2006-5737 · Oracle +3 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: Apache Friends XAMPP version 1.5.2 Description: The issue concerns unquoted Windows search path vulnerabilities in XAMPP. This could allow local users to gain privileges by placing a malicious program file in the %SYSTEMDRIVE%, which would be...