Lucene search

1024 matches found

Exploit DB
added 2015/08/26 12:0 a.m., 290 views

Magento eCommerce - Remote Code Execution

Exploit Title : Magento Shoplift exploit SUPEE-5344 Author : Manish Kishan Tanwar AKA error1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Debugged At : Indishell Lab originally developed by joren ...

AI score 7.4
Exploits: 0

securityvulns
added 2015/07/14 12:0 a.m., 58 views

[CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection

Advisory Information Title: AirLink101 SkyIPCam1620W OS Command Injection Advisory ID: CORE-2015-0011 Advisory URL: http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection Date published: 2015-07-08 Date of last update: 2015-07-08 Vendors contacted: AirLink101...

CVSS 9, AI score 9.3, EPSS 0.33452
Exploits: 5

Packet Storm
added 2015/07/08 12:0 a.m., 54 views

AirLink101 SkyIPCam1620W OS Command Injection

Advisory Information Title: AirLink101 SkyIPCam1620W OS Command Injection Advisory ID: CORE-2015-0011 Advisory URL: http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection Date published: 2015-07-08 Date of last update: 2015-07-08 Vendors contacted: AirLink101...

CVSS 8.8, EPSS 0.33452
Exploits: 5

exploitpack
added 2015/07/08 12:0 a.m., 50 views

AirLink101 SkyIPCam1620W - OS Command Injection

AirLink101 SkyIPCam1620W - OS Command Injection 1. Advisory Information Title: AirLink101 SkyIPCam1620W OS Command Injection Advisory ID: CORE-2015-0011 Advisory URL: http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection Date published: 2015-07-08 Date of last updat...

CVSS 9, EPSS 0.33452
Exploits: 5

Packet Storm
added 2015/03/19 12:0 a.m., 18 views

Websense Data Security Cross Site Scripting

Cross-Site Scripting vulnerability in Websense Data Security block page. Han Sahin, September 2014...

AI score 7.4
Exploits: 0

ThreatPost
added 2015/03/06 1:38 p.m., 131 views

Dridex Banking Trojan Spreading Via Macros in XML Files

Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines. Even though macros are disabled by default inside most organizations, the persistent hackers a...

CVSS 9.3, AI score 8.3, EPSS 0.94354
Exploits: 33, References: 1

Tenable Nessus
added 2015/02/24 12:0 a.m., 23 views

Fedora 20 : sudo-1.8.12-1.fc20 (2015-2247)

update to 1.8.12 - fixes CVE-2014-9680 Update to 1.8.11p2 Major upstream changes & fixes : - when running a command in the background, sudo will now forward SIGINFO to the command - the passwords in ldap.conf and ldap.secret may now be encoded in base64. - SELinux role changes are now audited...

CVSS 3.3, AI score 5.5, EPSS 0.00377
Exploits: 1, References: 3

Tenable Nessus
added 2014/12/02 12:0 a.m., 25 views

Scientific Linux Security Update : ruby on SL7.x x86_64 (20141126)

Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. CVE-2014-8080, CVE-2014-8090 A stack-based buffer overflow was found in the...

CVSS 5, AI score 7.4, EPSS 0.15626
Exploits: 2, References: 4

Cent OS
added 2014/12/01 1:45 p.m., 78 views

ruby, rubygem, rubygems security update

CentOS Errata and Security Advisory CESA-2014:1912 Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

CVSS 5, AI score 7, EPSS 0.15626
Exploits: 2, References: 7

RedHat Linux
added 2014/11/26 4:52 p.m., 45 views

Moderate: Red Hat Security Advisory: ruby193-ruby security update

Updated ruby193-ruby packages that fix three security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVSS 5, AI score 6.9, EPSS 0.15626
Exploits: 2, References: 4

exploitpack
added 2014/11/26 12:0 a.m., 13 views

Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)

Device42 WAN Emulator 2.3 - Ping Command Injection Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WAN Emulator v2.3 Command Execution', 'Description' = %q , 'License' =...

AI score 0.1
Exploits: 0

myhack58
added 2014/10/29 12:0 a.m., 38 views

The use of the old CVE-2012-0158 vulnerability in the latest APT attack V1.0 - vulnerability warning - the black bar safety net

Format overflow vulnerabilities are often used in APT attacks. Among such vulnerabilities, CVE-2012-0158 has been the most frequently used over the past year. The carrier for exploiting the vulnerability is typically an RTF file, with the internal data saved in hex string form. In January 2013...

AI score 0.7
Exploits: 0

RedHat Linux
added 2014/10/14 1:1 p.m., 1 view

Jenkins: insecure storage of passwords in Subversion plugin (SECURITY-58)

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...

CVSS 2.1, AI score 5.8, EPSS 0.00061
Exploits: 1, References: 4

Hacker One
added 2014/08/02 8:27 a.m., 32 views

Automattic: Open Redirect in WordPress Feed Statistics {Affected All Versions}

Hi, Feed Statistics Plugin is vulnerable to Open Redirect and is affecting a large number of websites, which is the reason it should be patched swiftly. Detailed description is given below: Tested on: WordPress 3.9.1 Vulnerable Plugin: Feed Statistics Plugin Link:...

Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 30 views

National Science Foundation Squid Web Proxy 1.0/1.1/2.1 Authentication Failure

No description provided by source. source: http://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when users of the cache are using an external...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 24 views

PostNuke 0.6 Unauthenticated User Login Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3435/info PostNuke, successor to PHPNuke, is a content management system written in PHP. PostNuke versions 0.62 to 0.64 suffer from a vulnerability that allows a remote user to log-in as any user with known username and I...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit

No description provided by source. !/usr/bin/python Symantec Web Gateway 5.0.2 Remote LFI root Exploit Proof of Concept Exploit requires no authentication, /tmp/networkScript is sudoable and apache writable. muts at offensive-security dot com import socket import base64 payload= '''echo...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 12 views

PHP Charts 1.0 (index.php, type param) - Remote Code Execution

No description provided by source. !/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: Perl Reverse Shell Generator...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)

No description provided by source. !/usr/bin/python Title: Sysax Multi Server = 5.52 File Rename BoF RCE Egghunter Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bitNo DEP Software Versions Tested: 5.50 and 5.52 Date Discovered: Febrary 1, 2012 Vendor Contacted: Febrar...

AI score 7.1
Exploits: 0

Prion
added 2014/06/09 7:55 p.m., 10 views

Design/Logic Flaw

LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and password in a 1click file, which allows local users to obtain access by reading the file...

CVSS 2.1, AI score 6.8, EPSS 0.00061
Exploits: 1, References: 4, Affected Software: 1