31 matches found
Apache struts2 devMode Remote Code Execution Vulnerability
Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications . Apache struts2 devMode remote code execution vulnerability , the vulnerability i...
JVN#95989300: Apache Struts vulnerable to cross-site scripting
Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a cross-site scripting vulnerability when devMode is left turned on. Impact An arbitrary script may be executed on the user's web browser. Solution Update th...
Struts 2.3.1.1 devmode命令执行漏洞
No description provided by source...
struts2 several recent vulnerability analysis&stable utilization payload-vulnerability warning-the black bar safety net
weibo:genxor 0x00 background See online on struts2 using the article very much, but for the vulnerability trigger the tracking analysis of the document is relatively small, nothing else to track it struts recent fights compared to fire two vulnerabilities, Research a bit to stabilize the use of t...
Apache-Struts2 DevMode RCE
Apache-Struts2 DevMode RCE Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
Microsoft win32k.sys Driver "CreateDIBPalette()" Buffer Overflow
Exploit for windows platform in category local exploits ================================================================ Microsoft win32k.sys Driver "CreateDIBPalette" Buffer Overflow ================================================================ Sources: http://www.ragestorm.net/blogs/?p=255...
WebSudo should be disabled in devmode
When confluence is started in dev mode, websudo should be disabled...
Oracle - Document Capture BlackIce DEVMODE
Oracle - Document Capture BlackIce DEVMODE var devmode = new ActiveXObject"BLACKICEDEVMODE.BlackIceDEVMODECtrl.1"; //user add, user: sun pass: tzu scode = unescape "%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...
Oracle Document Capture BlackIce DEVMODE exploit
No description provided by source. !-- Oracle Document Capture BlackIce DEVMODE ActiveX Control remote stack based buffer overflow IE8 /xp sp3 by Nine:Situations:Group::pyrokinesis CLSID: 1503569A-0AE2-4333-B6E6-466AB0BC73E5 Progid: BLACKICEDEVMODE.BlackIceDEVMODECtrl.1 Binary Path:...
Oracle Document Capture BlackIce DEVMODE exploit
Exploit for unknown platform in category remote exploits ================================================ Oracle Document Capture BlackIce DEVMODE exploit ================================================ Title: Oracle Document Capture BlackIce DEVMODE exploit CVE-ID: OSVDB-ID: Author: Pyrokinesis...
Oracle Document Capture BlackIce Stack Buffer Overflow
var devmode = new ActiveXObject"BLACKICEDEVMODE.BlackIceDEVMODECtrl.1"; //user add, user: sun pass: tzu scode = unescape "%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" +...