Lucene search
K

20 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/04/07 3:14 p.m.45 views

Lessons in IoT Hacking: How to Dead-Bug a BGA Flash Memory Chip

Dead-bugging — what is that, you ask? The concept comes from the idea that a memory chip, once it’s flipped over so you can attach wires to it, looks a little like a dead bug on its back. So why would we do this for the purposes of IoT hacking? The typical reason is if you want to extract the...

5CVSS8AI score0.15102EPSS
Exploits5
Openbugbounty
Openbugbounty
added 2018/09/17 1:19 p.m.22 views

bga-vetements.fr XSS vulnerability

Open Bug Bounty ID: OBB-677493 Description| Value ---|--- Affected Website:| bga-vetements.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Exploit DB
Exploit DB
added 2016/10/06 12:0 a.m.43 views

Exagate WEBPack Management System - Multiple Vulnerabilities

Document Title: ================ Exagate WEBpack Management System Multiple Vulnerabilities Author: ======== Halil Dalabasmaz Release Date: ============== 07 OCT 2016 Product & Service Introduction: ================================ WEBPack is the individual built-in user-friendly and skilled web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/09/19 12:0 a.m.68 views

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

Document Title: ================ SolarWinds Kiwi Syslog Server Unquoted Service Path Privilege Escalation Vulnerability Author: ======== Halil Dalabasmaz Release Date: ============== 29 SEP 2016 Product & Service Introduction: ================================ Kiwi Syslog® Server is an affordable,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/09/19 12:0 a.m.42 views

SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation

Document Title: ================ SolarWinds Kiwi CatTools Unquoted Service Path Privilege Escalation Vulnerability Author: ======== Halil Dalabasmaz Release Date: ============== 29 SEP 2016 Product & Service Introduction: ================================ Kiwi CatTools saves you time by automating...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/05/19 4:40 a.m.3 views

BGA32.DLL and QBga32.DLL contain multiple vulnerabilities

Overview BGA32.DLL is a compression/decompression library for gza and bza-format files. BGA32.DLL contains multiple vulnerabilities including a buffer overflow because it utilizes vulnerable zlib and bzip2 libraries. QBga32.DLL, which is a wrapper of BGA32.DLL, is also affected. KONDOU, Kazuhiro...

7.5CVSS9.8AI score0.2554EPSS
Exploits4References14
Packet Storm
Packet Storm
added 2015/03/14 12:0 a.m.31 views

Citrix Netscaler NS10.5 WAF Bypass

Document Title: ============ Citrix Netscaler NS10.5 WAF Bypass via HTTP Header Pollution Release Date: =========== 12 Mar 2015 Product & Service Introduction: ======================== Citrix NetScaler AppFirewall is a comprehensive application security solution that blocks known and unknown...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/02/23 12:0 a.m.25 views

Beehive Forum 1.4.4 - Persistent Cross-Site Scripting

Document Title: ============ Beehive Forum v1.4.4 Stored XSS Vulnerability Author: ============== Halil Dalabasmaz Release Date: =========== 23 Feb 2015 Product & Service Introduction: ======================== Beehive is an open-source project for creating a high-configurable frame-based discussi...

7AI score
Exploits0
exploitpack
exploitpack
added 2014/11/17 12:0 a.m.20 views

Proticaret E-Commerce Script 3.0 - SQL Injection (2)

Proticaret E-Commerce Script 3.0 - SQL Injection 2 Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce script. Abstract Advisory Information:...

0.2AI score
Exploits0
0day.today
0day.today
added 2014/11/17 12:0 a.m.30 views

Proticaret E-Commerce Script 3.0 - SQL Injection Vulnerability

Proticaret E-Commerce Script version 3.0 suffers from a remote SQL injection vulnerability. Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce...

8.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/11/17 12:0 a.m.28 views

Proticaret E-Commerce Script 3.0 - SQL Injection (2)

Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce script. Abstract Advisory Information: ======================= BGA Security Team discovered...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/11/15 12:0 a.m.27 views

Proticaret E-Commerce Script 3.0 SQL Injection

Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce script. Abstract Advisory Information: ======================= BGA Security Team discovered...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2014/11/13 12:0 a.m.14 views

Proticaret E-Commerce Script 3.0 - SQL Injection (1)

Proticaret E-Commerce Script 3.0 - SQL Injection 1 Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce script. Abstract Advisory Information:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2014/11/13 12:0 a.m.26 views

Proticaret E-Commerce Script 3.0 - SQL Injection (1)

Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce script. Abstract Advisory Information: ======================= BGA Security Team discovered...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities

No description provided by source. Document Title: ============ Mailspect Control Panel version 4.0.5 Multiple Vulnerabilities Release Date: =========== June 21, 2014 Product & Service Introduction: ======================== Mailspect is the email security and archiving brand of RAE Internet Inc.,...

6.7AI score
Exploits0
exploitpack
exploitpack
added 2014/07/01 12:0 a.m.61 views

Flussonic Media Server 4.1.25 4.3.3 - Arbitrary File Disclosure

Flussonic Media Server 4.1.25 4.3.3 - Arbitrary File Disclosure Document Title: ============ Flussonic Media Server 4.3.3 Multiple Vulnerabilities Release Date: =========== June 29, 2014 Product & Service Introduction: ======================== Flussonic is a mutli-protocol streaming server with...

0.3AI score
Exploits0
0day.today
0day.today
added 2014/07/01 12:0 a.m.433 views

Flussonic Media Server 4.1.25 - 4.3.3 - Aribtrary File Disclosure Vulnerability

Exploit for aix platform in category dos / poc Document Title: ============ Flussonic Media Server 4.3.3 Multiple Vulnerabilities Release Date: =========== June 29, 2014 Product & Service Introduction: ======================== Flussonic is a mutli-protocol streaming server with support for many...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2014/07/01 12:0 a.m.114 views

Flussonic Media Server 4.1.25 < 4.3.3 - Arbitrary File Disclosure

Document Title: ============ Flussonic Media Server 4.3.3 Multiple Vulnerabilities Release Date: =========== June 29, 2014 Product & Service Introduction: ======================== Flussonic is a mutli-protocol streaming server with support for many protocols, including HDS, HLS, RTMP, RTSP, HTTP,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2014/06/27 12:0 a.m.17 views

Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities

Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities Document Title: ============ Mailspect Control Panel version 4.0.5 Multiple Vulnerabilities Release Date: =========== June 21, 2014 Product & Service Introduction: ======================== Mailspect is the email security and archiving brand...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.51 views

[BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution

Affected Vendors: Adobe Affected Products: Shockwave Player CVE ID: CVE-2011-2122 Risk Level: High Vulnerability: Memory Corruption Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interacti...

9.3CVSS1AI score0.0441EPSS
Exploits0
Rows per page
Query Builder