1595 matches found
Multi Language Olx Clone Script 2.0.7 Cross Site Scripting
Exploit Title: Multi Language Olx Clone Script - Stored XSS Date: 08.02.2018 Exploit Author: Varun Bagaria Web: Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/olx-clone/ Category: Web Application Version:2.0.6 Tested on: Windows 7 CVE: NA...
Apache Tomcat Code Execution Vulnerability
Apache Tomcat is the United States Apache Apache Software Foundation under the Jakarta project of a lightweight Web application server, which is mainly used for the development and debugging of JSP programs for small and medium-sized systems. There is a security vulnerability in Apache Tomcat. An...
Tumder 2.1 - SQL Injection
Tumder 2.1 - SQL Injection Exploit Title: Tumder - An Arcade Games Platform 2.1 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://sndr.co.ve/ Software Link: https://codecanyon.net/item/tumder-an-arcade-games-platform/18726994 Version: 2.1 Category: Webapps Tested on:...
Juniper Junos Remote Code Execution Vulnerability
Juniper Junos OS is a Juniper Networks network operating system designed for the company's hardware systems. The OS provides a secure programming interface and the Junos SDK. A remote code execution vulnerability exists in Juniper Junos OS. A remote attacker could exploit the vulnerability to...
Grab: Unrestricted access to https://██████.█████myteksi.net/
Hello again Grab Security Team ! Following my previous research, it seems that your Microservices architecture you are currently running on .█████myteksi.net is publicly exposed on another endpoint : https://█████████.█████myteksi.net. Summary: When researching and starting a new enumeration of...
Denial of service
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9120...
RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack
It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack...
Command Injection
pymemcache is vulnerable to command injection attacks. The vulnerability exists due to the lack of input sanitization on carriage return characters. If a client key can be set by the user, the weakness can be used as an attack vector for command injection...
Vivotek IP Cameras - Remote Stack Overflow (PoC)
STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials needed Firmware Vulnerable: Only 2017 versions...
Entrepreneur Job Portal Script 2.0.6 - 'jobsearch_all.php?rid1' SQL Injection
Exploit Title: Entrepreneur Job Portal Script 2.0.6 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/entrepreneur-job-portal-script/ Demo: http://freelancewebdesignerchennai.com/demo/job-portal/...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
Huawei Mate 9 Pro Memory Corruption Vulnerability
The Huawei Mate 9 Pro is a smartphone product from the Chinese company Huawei Huawei. The Huawei Mate 9 Pro suffers from a memory corruption vulnerability that can be successfully exploited by an attacker to crash the phone by tricking the user into installing a malicious mobile application that...
HikVision Wi-Fi IP Camera Wireless Access Point State Vulnerability
HikVision Wi-Fi IP cameras come with a default SSID "davinci", with a setting of no WiFi encryption or authentication. Depending on the firmware version, there is no configuration option within the camera to turn off Wi-Fi. If a camera is deployed via wired ethernet, then the WiFi settings won't ...
JBOSSAS 4.x Deserializer Vulnerability
Exploit for java platform in category web applications JBOSSAS 4.x Deserializer Vulnerability The MITRE CVE dictionary describes this issue as: https://access.redhat.com/security/cve/cve-2017-7504 HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is...
CVE-2017-8120
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges...
CVE-2017-15528
Prior to v 7.6, the Install Norton Security INS product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target...
JBOSSAS 5.x/6.x 反序列化命令执行漏洞(CVE-2017-12149)
CVE-2017-12149 It was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization. This allows an attacker to execute arbitrary code via crafted serialized data. Find out more about CVE-2017-12149 from the MITRE CV...
Android Qualcomm Services elevation of privilege vulnerability
Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, of which Qualcomm Services is a component. Qualcomm Services is a Qualcomm Services component developed by Qualcom...
Anti-Virus Privileged File Write Vulnerability
Anti-Virus solutions are split into several different components an unprivileged user mode part, a privileged user mode part and a kernel component. Logically the different systems talk to each other. By abusing NTFS directory junctions it is possible from the unprivileged user mode part "the UI"...