Yahoo!: Bypass of anti-SSRF defenses in YahooCacheSystem (affecting at least YQL and Pipes)

Thank you for your submission to Yahoo’s Bug Bounty program. There were similar reports submitted, this report is marked as closed as the other reports will be triaged. We appreciate your adherence to responsible disclosure guidelines and look forward to your future participation in the program. ...

[Firefox Password Remover v1.5] Firefox Website Login Password Removal Tool

Firefox Password Remover is the free tool to quickly remove the stored website login passwords from Firefox. You can either remove selected ones or all of the stored passwords from the Firefox sign-on database. One of the unique feature of this tool is that it allows you to remove the website...

[MAC Address Scanner v1.5] Desktop Tool to Find MAC address of Remote Computers on Local Network

MAC Address Scanner is the free desktop tool to remotely scan and find MAC Address of all systems on your local network. It allows you to scan either a single host or range of hosts at a time. During the scan, it displays the current status for each host. After the completion, you can generate...

[BrowserHistorySpy v3.0] All-in-one Tool to View Web History of Firefox/Chrome/IE/Chrome SXS/CoolNovo/SeaMonkey Browsers

Browser History Spy is the all-in-one software to instantly recover or view the browsing history from popular web browsers. It helps in recovering or viewing web history of following browsers. Mozilla Firefox Internet Explorer Google Chrome Google Chrome Canary/SXS CoolNovo SeaMonkey Browser It...

[Social Password Decryptor v4.0] All-in-one Social Network Password Recovery Software

Social Password Decryptor is the FREE software to instantly recover Passwords for popular Social Networks such as Facebook, Twitter, Google Plus etc. It can automatically discover and recover all the social passwords stored by web browsers & messengers including Firefox, Chrome, IE, GTalk and mor...

[WiFi Password Decryptor v3.0] Wireless Password Recovery Software

WiFi Password Decryptor is the FREE software to instantly recover Wireless account passwords stored on your system. It automatically recovers all type of Wireless Keys/Passwords WEP/WPA/WPA2 etc stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays followi...

How do I get my data out of Nexpose? Answer: SQL Query Export

Do any of these these questions sound familiar? "Printable reports are really valuable and I use them on a daily basis. However, is there a section that I can add to show a summary by asset group or site?" "I really like the XML format, but its a little hard to process and I have to write code to...

Linux Performance Monitor: Nmon

Nmon Nigel’s performance Monitor for Linux is another very useful command line utility that can display information about various system resources like cpu, memory, disk, network etc. It was developed at IBM and later released open source. It is available for most common architectures like x86, A...

[Creepy] Geolocation information Gathering through Social Networking Platforms

Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What's new in v1.0.x ? Creepy now uses Qt 4,...

Geolocation OSINT Tool Creepy

Geolocation OSINT Tool Creepy Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What’s new in...

cumin: missing authorization checks in forms, charts, and csv export widgets

cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors...

New Jigsaw Hacking Tool Spotted in Attacks

If you’ve run an internal phishing exercise, chances are you may have used Jigsaw, an open source penetration testing tool that enables security teams to automatically generate email address combinations from a minimal amount of public information. As with other open source security and networkin...

import_results

This plugin serves as an entry point for the results of other tools that identify URLs. The plugin reads from different input files and directories and creates the fuzzable requests which are needed by the audit plugins. Two configurable parameter exist: inputcsv inputburp One or more of these ne...

export_requests

This plugin exports all discovered HTTP requests URL, Method, Params to the given file CSV which can then be imported in another scan by using the crawl.importresults. One configurable parameter exists: outputfile Plugin type Output Options Name | Type | Default Value | Description | Help...

[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8.1-1.fc18

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.8-1.fc17

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Moving custom attributes through import/export of CSV file

Purpose To export custom attributes from one installation of Business View to another, follow these steps: 1. Click Configuration in the top right corner of the screen and navigate to the Import/Export pane. 2. This step is not mandatory If you want to pre-designate which custom attributes Busine...

WordPress LeagueManager Plugin Multiple Vulnerabilities

WordPress LeagueManager Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow

The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax server...

Microsoft SQL Server Database Link Crawling Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require...