72 matches found
Microsoft Azure Sphere Denial of Service Vulnerability
Azure Sphere is a secure, advanced application platform with built-in communications and security features for connected devices. A security vulnerability exists in Microsoft Azure Sphere that allows an attacker to trigger a denial of service by exploiting the vulnerability...
CVE-2019-17495
A Cascading Style Sheets CSS injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite RPO technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows th...
MacOS Zero Day Allows Trusted Apps to Run Malicious Code
A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code. macOS researcher Patrick Wardle revealed the...
PYSEC-2019-115
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
Unspecified Vulnerability in Technicolor DPC3928SL
The Technicolor DPC3928SL is a cable modem from the French Technicolor group. A security vulnerability exists in the Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a version. An attacker could exploit the vulnerability to obtain Wi-Fi credentials by sending an SNMP request...
Listing Hub CMS 1.0 SQL Injection
Exploit Title: Listing Hub CMS 1.0 - Multiple SQL Injection Dork: N/A Date: 27.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://codecanyon.net/item/listing-hub-cms-directory-listings-theme/21361294 Version: 1.0 Category: Webapps Tested on: Kali linux Description : An...
SMB denial of service vulnerability in the web application on the use-vulnerability warning-the black bar safety net
CVE-2017-0016 SMB 0 day vulnerability can lead to Windows System denial of service, the present article is mainly to explain the vulnerability in a web application use. 2017 2 2 June, security researchers announced a exists in Microsoft Windows SMB in the 0 day Vulnerability, CVE-2017-0016, the...
Linux ASLR vulnerabilities: an attacker with unlimited disable ASLR(CVE-2 0 1 6-3 6 7 2-the vulnerability warning-the black bar safety net
! Recently, security personnel repair a Linux ASLR in a relatively old vulnerability, with x86 devices on the 3 2-bit application usage rights of any user, by the RLIMITSTACK resource is set to“unlimited”you can disable ASLR. The vulnerability CVE number CVE-2 0 1 6-3 6 7 2, The CNNVD number of...
[Wifite] Automated Way To Crack Wep
How crcak WEP key using Wifite This tool is very easy to use and very powerful if one attack method won’t work so the will start working on the next attack and the best thing is this tool is fully automatic and powerful...
PicoPublisher v2.0 Remote SQL injection
Exploit for php platform in category web applications Exploit Title : PicoPublisher v2.0 Remote SQL injection Date : 29/03/2012 Author : ZeTH Contact : zeth/at/hacktheplan8/dot/com http://www.hacktheplan8.com Vendor : Pico Software Site : http://pico.no/ Version : 2.0 Price : $29,00 Dork :...
Java vulnerabilities just to be on the attack code then we to-vulnerability warning-the black bar safety net
Using the Java virtual machine if you have not installed the Sun for Mac OS X, Windows, Linux with the latest security update, now will be a make up for the fault of timing. A security researcher local time on Thursday released a derived from the Mac OS X Java Runtime Environment vulnerability...
BaBB 2.8 Code Injection
!usr/bin/python BaBB 2.8 Full Code Injection Exploit AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...
vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit
No description provided by source. / ----------------------------- Author = Mx Title = vBulletin 3.7.3 Visitor Messages XSS/XSRF + worm Software = vBulletin Addon = Visitor Messages Version = 3.7.3 Attack = XSS/XSRF - Description = A critical vulnerability exists in the new vBulletin 3.7.3 softwa...
3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)
No description provided by source. / Fedora Core 5,6 exec-shield based 3proxy HTTP Proxy 3proxy-0.5.3g.tgz remote overflow root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...
Formbankserver 1.9 (Name) Remote Denial of Service Exploit
No description provided by source. !perl Vulnerability found by Bl0od3r visit http://dc3.dl.am to see more exploits http://www.fersch.de/formbankserver/ download:http://www.download-tipp.de/cgi-bin/jump.cgi?ID=8796 - Hide quoted text - use IO::Socket; use warnings; package exploit; sub new bless...
UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability
Title : UPublisher 1.0 viewarticle.asp Remote SQL Injection Vulnerability Author : ajann Dork : UPublisher http://target/path//viewarticle.asp?ID=SQL Example: //viewarticle.asp?ID=-120union20select200,password,username,0,0,0,020from20tblusers OR ---...
Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln
Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - Display MOSBot Manager Attack method: Remote File Inclusion Source: includeonce "".$mosConfigabsolutepath."/administrator/components/"...
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/14191/info Comersus Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...
TinyWeb 1.9 Denial of Service Exploit
No description provided by source. TinyWeb version 1.9 DoS Exploit Coded bY ++Karak0rsan++ Usage:perl tiny.pl target Greetz:Phalaposher,r3db4r0n,Hurby,ZzagorR,L4M3R,zeronc,Atak,sloan,fox and all my friends w0rdz: cengiz g t ne sokam senin ehehheh bak exploit yay nlan rsa reziL olacan :D ama yay...
e107.pl.txt
| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107 remote sploit =- by sysbug...