11 matches found
xss
This is a web application for a free online web and mobile security class, Hacker101. The application is built using Jekyll, a static site generator, and is hosted on GitHub Pages. The site provides a variety of resources, including videos, resources, and a CTF Capture The Flag section. The...
GLSA-202407-10 : Sofia-SIP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202407-10 Sofia-SIP: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block direct...
Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials
Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials Title: Cisco Firepower Threat Management Console Hard-coded MySQL Credentials Advisory ID: KL-001-2016-005 Publication Date:...
Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion
Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion KL-001-2016-006 : Cisco Firepower Threat Management Console Local File Inclusion Title: Cisco Firepower Threat Management Console Local File Inclusion Advisory ID: KL-001-2016-006 Publication Date: 2016.10.05 Publication URL:...
Network Forensic Analysis Tool: Xplico
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...
ipTIME Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Please find a text-only version below sent to security mailing-lists. The complete version on exploits about my last advisory of ipTIME products is posted here:...
Netgear Prosafe VPN Firewalls - Multiple vulnerabilities
About Encripto AS ================= Encripto is a Norwegian company which provides specialized services within IT-security. Our core expertise is security testing, network security monitoring and training. Encripto is committed to information security. We do research to discover trends, new...
Allied Telesis AT-RG634A Unauthenticated Webshell
Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Function Affected products: - Allied Teles...
[Xplico 1.1.0] Open Source Network Forensic Analysis Tool (NFAT)
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...
Joomla! Component NeoReferences 1.3.1 - catid SQL Injection
Joomla! Component NeoReferences 1.3.1 - catid SQL Injection joomla SQL Injectioncomneoreferences AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : allinurl: "comneoreferences" EXPLOIT :...
[Full-disclosure] Novell NDPS Remote Vulnerability (Server & Client)
Summary: There's an integer overflow present that affects Novell Windows clients and Novell Netware server and Novell Open Enterprise server. Impact: Remote, unauthenticated, super-user privileges. Affected software: Novell Netware All versions Novell Open Enterprise Server All NetWare based...