Asus RT-N66U 3.0.0.4.374_720 - Cross-Site Request Forgery

Exploit Title: CSRF Asus RT-N66U Arbitrary Command Execution Google Dork: N.A. Date: 30 September 2013 Exploit Author: cgcai https://www.qxcg.net/arbitrary-command-execution-on-an-asus-rtn66u.html Vendor Homepage: http://www.asus.com/Networking/RTN66U/ Software Link:...

Asus RT-N66U 3.0.0.4.374_720 - Cross-Site Request Forgery

Asus RT-N66U 3.0.0.4.374720 - Cross-Site Request Forgery Exploit Title: CSRF Asus RT-N66U Arbitrary Command Execution Google Dork: N.A. Date: 30 September 2013 Exploit Author: cgcai https://www.qxcg.net/arbitrary-command-execution-on-an-asus-rtn66u.html Vendor Homepage:...

ASUS RT-N66U 3.0.0.4.374_720 Cross Site Request Forgery

Exploit Title: CSRF Asus RT-N66U Arbitrary Command Execution Google Dork: N.A. Date: 30 September 2013 Exploit Author: cgcai https://www.qxcg.net/arbitrary-command-execution-on-an-asus-rtn66u.html Vendor Homepage: http://www.asus.com/Networking/RTN66U/ Software Link:...

MGASA-2013-0262 Updated nagstamon package fixes security vulnerability

A user details information exposure flaw was found in the way Nagstamon performed automated requests to get information about available updates. Remote attackers could use this flaw to obtain user credentials for servers monitored by the desktop status monitor due to their improper base64...

Fedora Update for xmonad FEDORA-2013-13332

Check for the Version of xmonad OpenVAS Vulnerability Test Fedora Update for xmonad FEDORA-2013-13332 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Sami FTP 2.0.1 MKD Buffer Overflow

!/usr/bin/python Exploit Title: Sami FTP MKD buffer overflow SEH + Bypass ASL Date: 11 Agosto 2013 Exploit Author: Christian Polunchis Ramirez https://intrusionlabs.org Vendor Homepage: http://www.karjasoft.com/old.php Version: Sami FTP Server 2.0.1 Tested on: Windows 7 Home Basic x86, Spanish...

Russian Cyber Criminals selling hacked websites access in Underground stores

Underground sites more commonly offer access to networks of compromised machines or stolen credit card information. Webroot has uncovered a criminal underground store dedicated to selling access to more than tens of thousands of hacked legitimate websites. Their customers can buy an administrator...

Basic Forum by JM LLC - Multiple Vulnerabilities

Dear all, I have discovered some vulnerabilities in Basic Forum, developed by JM LLC. Cheers, Sp3ctrecore ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities ================================================ Software................: Basic For...

Basic Forum by JM LLC - Multiple Vulnerabilities

Basic Forum by JM LLC - Multiple Vulnerabilities Dear Offensive Security, I have discovered some vulnerabilities in Basic Forum, developed by JM LLC. Best regards, Sp3ctrecore ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities...

Basic Forum by JM LLC - Multiple Vulnerabilities

Exploit for php platform in category web applications ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities ================================================ Software................: Basic Forum Software link...........:...

Basic Forum by JM LLC - Multiple Vulnerabilities

Dear Offensive Security, I have discovered some vulnerabilities in Basic Forum, developed by JM LLC. Best regards, Sp3ctrecore ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities ================================================...

Basic Forum XSS / CSRF / SQL Injection

ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities ================================================ Software................: Basic Forum Software link...........: http://www.jmagness.com/download/BasicForum.zip Vendor..................: JM...

Re: Cisco/Linksys E1200 N300 Reflected XSS

Mitre has assigned the following CVE for this issue: CVE-2013-2679 On Mon, Apr 29, 2013 at 12:27 AM, Carl Benedict [email protected] wrote: Summary -------------------- Software : Cisco/Linksys Router OS Hardware : E1200 N300 others currently untested Version : 2.0.04 others currently...

Cisco Linksys E1200 / N300 Cross Site Scripting

Summary -------------------- Software : Cisco/Linksys Router OS Hardware : E1200 N300 others currently untested Version : 2.0.04 others currently untested Website : http://www.linksys.com Issue : Reflected XSS Severity : Medium Researcher: Carl Benedict theinfinitenigma Product Description...

MS13-054: Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)

The version of Microsoft's GDI+ subsystem installed on the remote host has an unspecified code execution vulnerability. Specially crafted TrueType font files are not processed properly. A remote, unauthenticated attacker could exploit this vulnerability by getting a user to view content that...

OpenShift Enterprise and Online vulnerable to CSRF attack with REST API

A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser...

CVE-2013-0551

The Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products,...

CVE-2013-0548

Multiple cross-site scripting XSS vulnerabilities in the Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1...

Code injection

The Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products,...

CVE-2013-0551

The Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products,...