4243 matches found

0day.today
added 2018/02/21 12:0 a.m. | 36 views

Radiant CMS 1.1.4 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications 1. Introduction Vendor : Radiant Affected Product : Radiant CMS 1.1.4 Fixed in : NA Vendor Website : http://radiantcms.org/ Vulnerability Type : Persistent XSS Remote Exploitable : Yes CVE External Identifier : CVE-2018-7261 2. Overview...

3.5 CVSS | 0.1 AI score | 0.00195 EPSS
Exploits: 2
Citrix
added 2018/02/21 12:0 a.m. | 6 views

How to Reset nsroot Password on NetScaler Console

Citrix ADM, formerly NetScaler Console This article describes how to reset nsroot password on NetScaler MAS. Note: For NetScaler Console Agents, you can replace the path with dev/da0s1a /flash 1. mount dev/da0s1a /flash 2. No /etc/passwd...

7.2 AI score
Exploits: 0
Tenable Nessus
added 2018/02/16 12:0 a.m. | 47 views

openSUSE Security Update : openssl-steam (openSUSE-2018-168)

This update for openssl-steam fixes the following issues : - Merged changes from upstream openssl Factory rev 137 into this fork for Steam. Updated to openssl 1.0.2k : - CVE-2016-7055: Montgomery multiplication may produce incorrect results (boo#1009528) - CVE-2016-7056: ECDSA P-256 timing attack ke...

9.8 CVSS | 7.4 AI score | 0.40993 EPSS
Exploits: 8 | References: 44
OpenVAS
added 2018/01/24 12:0 a.m. | 35 views

Debian: Security Advisory (DLA-952-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 6.8 AI score | 0.01467 EPSS
Exploits: 3 | References: 3
0day.today
added 2018/01/17 12:0 a.m. | 22 views

Linux/x86 - Audio (knock knock knock) via /dev/dsp + setreuid(0,0) + execve() Shellcode (566 bytes)

/ Audio (knock knock knock) via /dev/dsp + setreuid(0,0) + execve shellcode. Linux x86 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/20/2000. F.U. to ph1xry4n. -From me and dxmd... If I ripped this, show me the source... or better yet go borrow a shovel so you can d...

7.1 AI score
Exploits: 0
Kitploit
added 2017/12/24 9:11 p.m. | 19 views

Bluepot - Bluetooth Honeypot

This code is from a University Project written in 2010. This is a newer version of the code than is on Google Code. Bluepot is a Bluetooth Honeypot written in Java, it runs on Linux. Bluepot was a third year university project attempting to implement a fully functional Bluetooth Honeypot. A piece...

7.3 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2017/12/21 12:0 a.m. | 42 views

F5 Networks BIG-IP : NTP vulnerability (K07082049)

Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. (CVE-2017-6462) (C) Tenable Network Security, Inc. The descriptive text and package checks in...

7.8 CVSS | 7.2 AI score | 0.00119 EPSS
Exploits: 0 | References: 2
0day.today
added 2017/11/30 12:0 a.m. | 40 views

Mac OS X High Sierra Root Privilege Escalation Exploit

This Metasploit module exploits a serious flaw in Mac OS X High Sierra. Any user can login with user "root", leaving an empty password. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X...

6.9 AI score
Exploits: 0
CNVD
added 2017/11/25 12:0 a.m. | 2 views

OpenEMR Elevation of Privilege Vulnerability

OpenEMR is an open source medical management system maintained by the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An elevation of privilege vulnerability exists in OpenEMR 5.0.1-dev and...

8.1 CVSS | 6.9 AI score | 0.00599 EPSS
Exploits: 0 | References: 1
OSV
added 2017/11/17 3:29 a.m. | 12 views

CVE-2017-1000241

The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by a vertical privilege escalation vulnerability. This vulnerability can allow authenticated non-administrator users to view and modify information only accessible to administrators...

8.1 CVSS | 6.7 AI score
Exploits: 0 | References: 1
Prion
added 2017/11/17 3:29 a.m. | 12 views

Privilege escalation

The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by a vertical privilege escalation vulnerability. This vulnerability can allow authenticated non-administrator users to view and modify information only accessible to administrators...

6.5 CVSS | 7.9 AI score | 0.00599 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2017/11/16 10:29 p.m. | 13 views

Design/Logic Flaw

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free condition can potentially occur due to a fence being installed too early...

4.6 CVSS | 7.7 AI score | 0.00019 EPSS
Exploits: 0 | References: 1
Cvelist
added 2017/11/13 12:0 a.m. | 16 views

CVE-2017-13782

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a /dev/dtracehelper attack involving the dtrace_dif_variable and dtrace_getarg functions...

6.1 AI score | 0.0058 EPSS
Exploits: 1 | References: 4
Tenable Nessus
added 2017/11/08 12:0 a.m. | 26 views

Debian DSA-4023-1 : slurm-llnl - security update

Ryan Day discovered that the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, does not properly handle SPANK environment variables, allowing a user permitted to submit jobs to execute code as root during the Prolog or Epilog. All systems...

7.8 CVSS | 7.7 AI score | 0.0027 EPSS
Exploits: 0 | References: 4
n0where
added 2017/11/07 5:30 a.m. | 19 views

Popular Pentesting Scanner: v3n0m

v3n0m is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...

7.6 AI score
Exploits: 0 | References: 1
CNVD
added 2017/11/07 12:0 a.m. | 3 views

Linux kernel local denial of service vulnerability (CNVD-2017-33480)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'kvm_vm_ioctl_check_extension' function in the arch/powerpc/kvm/powerpc.c file in versions of the Linux kernel prior ...

5.5 CVSS | 6.2 AI score | 0.00045 EPSS
Exploits: 0 | References: 1
OSV
added 2017/11/06 6:29 p.m. | 0 views

DEBIAN-CVE-2017-15306

The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm...

5.5 CVSS | 5.4 AI score | 0.00045 EPSS
Exploits: 0 | References: 1
NVD
added 2017/11/06 6:29 p.m. | 12 views

CVE-2017-15306

The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm...

5.5 CVSS | 5.2 AI score | 0.00045 EPSS
Exploits: 0 | References: 5
Tenable Nessus
added 2017/10/30 12:0 a.m. | 86 views

CentOS 6 : ntp (CESA-2017:3071)

An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.8 CVSS | 6.9 AI score | 0.03516 EPSS
Exploits: 0 | References: 4
NVD
added 2017/10/27 9:29 p.m. | 23 views

CVE-2017-15945

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql...

7.8 CVSS | 7.7 AI score | 0.00027 EPSS
Exploits: 0 | References: 2