Lucene search

5334 matches found

Dsquare
added 2019/03/28 12:0 a.m. | 59 views

Confluence File Disclosure

File disclosure vulnerability in Confluence widget connector macro Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

10 CVSS | 9.6 AI score | 0.94471 EPSS
Exploits 20
Prion
added 2019/03/21 4:0 p.m. | 16 views

Authentication flaw

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the source code...

9.3 CVSS | 8.7 AI score | 0.42901 EPSS
Exploits 4 | References 3 | Affected Software 3
Packet Storm
added 2019/03/04 12:0 a.m. | 42 views

Bold CMS 3.6.4 Cross Site Scripting

Exploit Title: Bold CMS - 3.6.4 - Cross-Site Scripting Date: 2019-03-04 Exploit Author: Ismail Tasdelen Vendor Homepage: https://bolt.cm/ Software Link : https://github.com/bolt/bolt Software : Bold CMS - v 3.6.4 Version : v 3.6.4 Vulnerability Type : Cross-site Scripting Vulnerability : Stored X...

6.3 AI score | 0.00834 EPSS
Exploits 5
Exploit DB
added 2019/03/01 12:0 a.m. | 45 views

tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads

Through fuzzing of network capture .pcap files, we have identified 16 crashes with unique stack traces in tcpdump. These crashes are caused by heap-based out-of-bounds memory reads, and can be reproduced with the latest tcpdump source code from GitHub, compiled with AddressSanitizer: --- cut --- ...

7.4 AI score
Exploits 0
myhack58
added 2019/03/01 12:0 a.m. | 214 views

Router exploitation of the Stack Overflow entry II-vulnerability warning-the black bar safety net

Foreword: Finally, in the process of learning MIPS vulnerability discovery, I found a good target platform, The Damn Vulnerable Router Firmware Project. Project address: https://github.com/praetorian-inc/DVRF The goal of this project is to simulate a real world environment to help people learn about other C...

7.6 AI score
Exploits 0
0day.today
added 2019/02/28 12:0 a.m. | 27 views

Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Simple Online Hotel Reservation System - Cross-Site Request Forgery Delete Admin Exploit Author: Mr Winst0n Author E-mail: [email protected] Vendor Homepage: https://code-projects.org/ Software Link :...

Exploits 0
CNVD
added 2019/02/27 12:0 a.m. | 2 views

IBM Content Navigator Information Disclosure Vulnerability

IBM Content Navigator is a Web client from IBM USA. The product supports searching and processing documents stored in content servers from a Web browser. A security vulnerability exists in IBM Content Navigator version 2.0.3 and 3.0CD, which originates from the program's use of a public key store...

6.8 AI score
Exploits 0 | References 1
ripstech
added 2019/02/26 7:0 a.m. | 51 views

5 Best Practices for your SAST Evaluation

Static Application Security Testing SAST solutions analyze the source code of applications for vulnerabilities without running or deploying the code. In case you are not sure if SAST is the right approach for you or what different SAST approaches exist we recommend reading our previous blog post...

7.2 AI score
Exploits 0
Kitploit
added 2019/02/06 8:31 p.m. | 184 views

Goscan - Interactive Network Scanner

GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap. Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service...

7.1 AI score
Exploits 0 | References 2
Packet Storm
added 2019/02/05 12:0 a.m. | 88 views

WordPress Ultimate-Member 2.0.38 Cross Site Request Forgery / Shell Upload

Exploit Title : WordPress Ultimate-Member Plugins 2.0.38 CSRF Shell Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/02/2019 Vendor Homepage : ultimatemember.com Software Download Link : downloads.wordpress.org/plugin/ultimate-member.2.0.38.zip Software...

0.1 AI score
Exploits 0
NVD
added 2019/01/31 7:29 p.m. | 28 views

CVE-2018-18941

In Vignette Content Management version 6, it is possible to gain remote access to administrator privileges by discovering the admin password in the vgn/ccb/user/mgmt/user/edit/0,1628,0,00.html?uid=admin HTML source code, and then creating a privileged user account. NOTE: this product is...

9.8 CVSS | 9.5 AI score | 0.00805 EPSS
Exploits 3 | References 2
Cvelist
added 2019/01/31 7:0 p.m. | 25 views

CVE-2018-18941

In Vignette Content Management version 6, it is possible to gain remote access to administrator privileges by discovering the admin password in the vgn/ccb/user/mgmt/user/edit/0,1628,0,00.html?uid=admin HTML source code, and then creating a privileged user account. NOTE: this product is...

9.6 AI score | 0.00805 EPSS
Exploits 3 | References 2
Tenable Nessus
added 2019/01/07 12:0 a.m. | 28 views

FreeBSD : Gitlab -- Multiple vulnerabilities (b2f4ab91-0e6b-11e9-8700-001b217b3468)

Gitlab reports : Source code disclosure merge request diff Todos improper access control URL rel attribute not set Persistent XSS Autocompletion SSRF repository mirroring CI job token LFS error message disclosure Secret CI variable exposure Guest user CI job disclosure Persistent XSS label...

7.5 CVSS | 6.2 AI score | 0.00334 EPSS
Exploits 4 | References 17
Github Security Blog
added 2019/01/04 5:40 p.m. | 27 views

Missing Origin Validation in webpack-dev-server

Versions of webpack-dev-server before 3.1.10 are missing origin validation on the websocket server. This vulnerability allows a remote attacker to steal a developer's source code because the origin of requests to the websocket server that is used for Hot Module Replacement HMR are not validated...

7.5 CVSS | 4.8 AI score | 0.00177 EPSS
Exploits 1 | References 7 | Affected Software 1
ThreatPost
added 2019/01/04 5:21 p.m. | 8 views

Phishing Tactic Hides Tracks with Custom Fonts

An insidious phishing method evades detection using a never-before-seen technique that leverages custom fonts to cover its tracks. Researchers at Proofpoint recently discovered an active credential harvesting phishing scheme. Once a victim has clicked on the initial phishing email, the resulting...

0.7 AI score
Exploits 0 | References 2
Dsquare
added 2019/01/03 12:0 a.m. | 41 views

TerraMaster Operating System SQL Injection

SQL Injection vulnerability in TerraMaster Operating System Event parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

7.5 CVSS | 0.9 AI score | 0.00363 EPSS
Exploits 2
Packet Storm
added 2019/01/02 12:0 a.m. | 41 views

Vtiger CRM 7.1.0 Remote Code Execution

Exploit Title: Vtiger CRM 7.1.0 - Remote Code Execution Date: 2018-12-27 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.vtiger.com Software Link: https://sourceforge.net/projects/vtigercrm/files/latest/download Version: v7.1.0 Category:...

0.4 AI score
Exploits 0
FreeBSD
added 2018/12/31 12:0 a.m. | 29 views

Gitlab -- Multiple vulnerabilities

Gitlab reports: Source code disclosure merge request diff Todos improper access control URL rel attribute not set Persistent XSS Autocompletion SSRF repository mirroring CI job token LFS error message disclosure Secret CI variable exposure Guest user CI job disclosure Persistent XSS label referen...

7.5 CVSS | 2.3 AI score | 0.00334 EPSS
Exploits 4 | References 1
Dsquare
added 2018/12/28 12:0 a.m. | 175 views

Spring MVC File Disclosure

File disclosure vulnerability in Spring MVC on Windows Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

4.3 CVSS | 7.6 AI score | 0.90599 EPSS
Exploits 1
Cvelist
added 2018/12/26 3:0 a.m. | 24 views

CVE-2018-20478

An issue was discovered in S-CMS 1.0. It allows reading certain files, such as PHP source code, via the admin/download.php DownName parameter with a mixed-case extension, as demonstrated by a DownName=download.Php value...

7.6 AI score | 0.00316 EPSS
Exploits 1 | References 1