5315 matches found
Hacker selling DDOS-Guard database, source code, pirate sites data
By Waqas It is time for anti-piracy groups to rejoice as the database of DDoS-Guard is reportedly on sale on a hacking forum. This is a post from HackRead.com Read the original post: Hacker selling DDOS-Guard database, source code, pirate sites data...
Local Service Search Engine Management System 1.0 SQL Injection
Exploit Title: SQL injection, bypass the login page, Local Service Search Engine Management System 1.0 Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Date: 06.02.2021 Vendor:...
Arbitrary File Download Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co.
Guangzhou Tutron Computer Software Development Co., Ltd. is a high-tech enterprise integrating product development, application integration and customer service. There is an arbitrary file download vulnerability in the library cluster management system of Guangzhou Tutron Computer Software...
Trixbox 2.8.0.4 - (lang) Path Traversal Exploit
Exploit Title: Trixbox 2.8.0.4 - 'lang' Path Traversal Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/ Credits to: Sachin Wagh Vendor Homepage:...
FreeBSD-SA-21:11.smap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-21:11.smap Security Advisory The FreeBSD Project Topic: SMAP bypass Category: core Module: amd64 Announced: 2021-05-26 Credits: I lost my dog if you see him...
Fuzzing iOS code on macOS at native speed
Or how iOS apps on macOS work under the hood Posted by Samuel Groß, Project Zero This short post explains how code compiled for iOS can be run natively on Apple Silicon Macs. With the introduction of Apple Silicon Macs, Apple also made it possible to run iOS apps natively on these Macs. This is...
Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery (Add Admin)
Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery Add Admin Date: 15-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...
Dental Clinic Appointment Reservation System 1.0 Cross Site Request Forgery
Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery Add Admin Date: 15-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...
Mubeng - An Incredibly Fast Proxy Checker And IP Rotator With Ease
An incredibly fast proxy checker & IP rotator with ease. Features Proxy IP rotator : Rotates your IP address for every specific request. Proxy checker : Check your proxy IP which is still alive. All HTTP/S methods are supported. HTTP & SOCKSv5 proxy protocols apply. All parameters & URIs are...
Rapid7 Source Code Breached in Codecov Supply-Chain Attack
Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. "A small subset of our source code repositorie...
Ransomware Going for $4K on the Cyber-Underground
In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 to $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That’s according to an analysis by Kaspersky of the three main underground forums where ransomware is circulated...
Heap-based Buffer Overflow in axiomatic-systems/bento4
✍️ Description heap-buffer-overflow 🕵️♂️ Proof of Concept Verification steps: 1.Get the source code of Bento4 2.Compile the Bento4 bash $ cd Bento4 $ mkdir checkbuild && cd checkbuild $ cmake ../ -DCMAKECCOMPILER=clang -DCMAKECXXCOMPILER=clang++ -DCMAKECFLAGS="-fsanitize=address"...
Dental Clinic Appointment Reservation System 1.0 SQL Injection
Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass SQLi Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...
Dental Clinic Appointment Reservation System 1.0 - (date) UNION based SQL Injection Vulnerability
Exploit Title: Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection Authenticated Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...
Researchers Flag e-Voting Security Flaws
A group of election security experts said after a deep dive into Australia’s electronic voting systems that they have “serious problems” with the accuracy, integrity and privacy with elections run by the Australian Capital Territory ACT Electoral Commission. The team of four cybersecurity...
in axiomatic-systems/bento4
✍️ Description NULL pointer dereference of Ap4Descriptor.h in function GetTag 🕵️♂️ Proof of Concept Verification steps: 1.Get the source code of Bento4 2.Compile the Bento4 bash $ cd Bento4 $ mkdir checkbuild && cd checkbuild $ cmake ../ -DCMAKECCOMPILER=clang -DCMAKECXXCOMPILER=clang++...
LIVE555 Streaming Media has an unspecified vulnerability
LIVE555 Streaming Media is an application from LIVE555 USA, Inc. a standards-based RTP/RTCP/RTSP/SIP multimedia streaming source code library for embedded and/or low-cost streaming applications.A security vulnerability exists in versions prior to LIVE555 Streaming Media 2021.3.16, which stems fro...
Customer Relationship Management (CRM) System 1.0 SQL Injection Vulnerability
Exploit Title: Customer Relationship Management CRM System 1.0 - Admin Bypass SQLi Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Customer Relationship Management (CRM) System 1.0 Shell Upload Vulnerability
Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Customer Relationship Management (CRM) System 1.0 Shell Upload
Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...