EUVD-2018-2718

Malware in sbrugna...

CVE-2025-51726

CyberGhostVPNSetup.exe Windows installer is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicious actor to craft a fake installer with a forged SHA-1 certificate that may still be accepted by Windows signature verification...

CVE-2025-51726

CyberGhostVPNSetup.exe Windows installer is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicious actor to craft a fake installer with a forged SHA-1 certificate that may still be accepted by Windows signature verification...

PT-2025-31866 · Cyberghost · Cyberghostvpnsetup.Exe

Name of the Vulnerable Software and Affected Versions: CyberGhostVPNSetup.exe versions affected versions not specified Description: CyberGhostVPNSetup.exe Windows installer is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicio...

Bullied by Bugcrowd over Kape CyberGhost disclosure

TL;DR The CyberGhost VPN client suffers from an elevation of privilege vulnerability and is filed under CVE-2023-30237. A specially crafted JSON payload sent to the CyberGhost RPC service can lead to command line injection when the OpenVPN process is launched, leading to full system compromise. T...

4Nonimizer - A Tool For Anonymizing The Public IP Used To Browsing Internet, Managing The Connection To TOR Network And To Different VPNs Providers

It is a bash script for anonymizing the public IP used to browsing Internet, managing the connection to TOR network and to different top VPN providers OpenVPN, whether free or paid. By default, it includes several pre-configured VPN connections to different peers .ovpn files and download the...

CyberGhost for Windows Privilege Exploit

CyberGhost for Windows is a Windows-based VPN software. A power lifting vulnerability exists in CyberGhost version 6.5.0.3180 for Windows-based platforms, which stems from a NetNamedPipe endpoint created by the CG6Service service that allows installed applications to connect and invoke publicly...

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

Privilege escalation

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows contains a SYSTEM privilege-escalation in the CG6Service via a NetNamedPipe endpoint. The ConnectToVpnServer method accepts a connectionParams argument that can specify a dynamic library plugin to run on every VPN connection, enabling code execution in the SYSTEM...

CyberGhost 6.0.4.2205 Privilege Escalation

Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1. Description CG6Service service has method...

CyberGhost 6.0.4.2205 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1...

CyberGhost 6.0.4.2205 - Local Privilege Escalation

CyberGhost 6.0.4.2205 - Local Privilege Escalation Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1...

CyberGhost 6.0.4.2205 - Local Privilege Escalation

Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1. Description CG6Service service has method...

CyberGhost - Free VPN & Proxy - GPL license, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application CyberGhost - Free VPN & Proxy published at the 'play' market has multiple vulnerabilities...

Active Trade 2 - (default.asp catid) Remote SQL Injection Vulnerability

No description provided by source. Title : Active Trade Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://www.activewebsoftwares.com/demoactivetrade Script Page : http://www.activewebsoftwares.com/productinfo.aspx?productid=32 Vuln. Username :...

okulop-sql.txt

Dumenci v19.1 Okul Otomasyon Portal v2.0 remote sql injection AUTHOR : Okulumun sitesi Script Download : http://www.okulumunsitesi.com/ DORK: "inurl:/k12.tr/?part=" Injection Adress : http://site.com/default.asp?islem=1&id=sql code my COD : -1+union+select+0,1,id,baslik,4,5,6+from+haber...

Okul Otomasyon Portal 2.0 - SQL Injection

Dumenci v19.1 Okul Otomasyon Portal v2.0 remote sql injection AUTHOR : Okulumun sitesi Script Download : http://www.okulumunsitesi.com/ DORK: "inurl:/k12.tr/?part=" Injection Adress : http://site.com/default.asp?islem=1&id=sql code my COD : -1+union+select+0,1,id,baslik,4,5,6+from+haber...