Simple Shopping Cart Application 0.1 - SQL Injection
Exploit Title: Simple Shopping Cart Application SQL Injection. Google Dork: inurl:"product-details.php?prodid=" "Designed by FBC Students". Date: 14/10/2016. Exploit Author: lahilote...
WordPress Newsletter 4.6.0 Cross Site Request Forgery / Cross Site Scripting
Hello, WordPress Plugin: Newsletter 4.6.0 https://wordpress.org/plugins/newsletter/ is vulnerable to CSRF and XSS. The issue is supposed to be fixed in version 4.6.1. See https://wordpress.org/plugins/newsletter/changelog/ for more details. 1. Stored Cross-Site Scripting (XSS) Authenticated...
Raptor Web Application Firewall
Raptor Web Application Firewall is a simple web application firewall written in C, following the KISS principle. It polls with the select function, which is not better than epoll or BSD's kqueue but is portable. The core of the match engine uses a DFA to detect XSS, SQLi and path...
coap-resources NSE Script
Dumps list of available resources from CoAP endpoints. This script establishes a connection to a CoAP endpoint and performs a GET request on a resource. The default resource for our request is /.well-known/core, which should contain a list of resources provided by the endpoint. For...
TikiWiki 15.1 ELFinder Unauthenticated File Upload
Description A file upload vulnerability in Tiki Wiki --Part83012510490351498898101-- 3. Info Author: Mehmet Ince https://www.exploit-db.com/exploits/40091/...
Informatica: [careers.informatica.com] Reflected Cross Site Scripting to XSS Shell Possible
Description: Cross-site Scripting (XSS) refers to a client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) in a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and...
pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)
PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...
Debian Security Advisory DSA 3582-1 (expat - security update)
Gustavo Grieco discovered that Expat, an XML parsing C library, does not properly handle certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. A remote attacker can take advantage of this flaw to cause an application using the Expat libra...
WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack
WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...
Backdoor Android APK: backdoor-apk
backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...
DET - Data Exfiltration Toolkit
DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the...
Windows File Shares Reconnaissance: SMBCrunch
One of the most time-consuming tasks during a security auditing process is diving into file systems and shares, attempting to identify any potentially sensitive information. SMBCrunch helps penetration testers to quickly identify Windows File Shares on a network, perform a recursive directory...
MPAndroidChart Example - External URLs, Native code usage, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application MPAndroidChart Example published at the 'play' market has multiple vulnerabilities...
shodan-api NSE Script
Queries Shodan API for given targets and produces similar output to a -sV nmap scan. The ShodanAPI key can be set with the 'apikey' script argument, or hardcoded in the .nse file itself. You can get a free key from N.B if you want this script to run completely passively make sure to include the -...
rusers NSE Script
Connects to rusersd RPC service and retrieves a list of logged-in users. Script Arguments mount.version, nfs.version, rpc.protocol See the documentation for the rpc library. Example Usage nmap -sV --script=rusers Script Output | USER ON FROM SINCE IDLE | LOGIN console 2015-11-08T12:03:50 8h55m58s...
Fedora 23 : qemu-2.4.1-6.fc23 (2016-42778e8c82)
CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 (bz 1295442); CVE-2015-8567: net: vmxnet3: host memory leakage (bz 1289818); CVE-2016-1922: i386: avoid NULL pointer dereference (bz 1292766); CVE-2015-8613: buffer overflow in megasas_ctrl_get_info (bz 1284008); CVE-2015-8701: Buffer overflow in...
Pemcracker - Tool To Crack Encrypted PEM Files
This tool is inspired by pemcrack by Robert Graham. The purpose is to attempt to recover the password for encrypted PEM files while utilizing all the CPU cores. It still uses high level OpenSSL calls in order to guess the password. As an optimization, instead of continually checking against the P...
Beurk - Experimental Unix Rootkit
BEURK is a userland preload rootkit for GNU/Linux, heavily focused around anti-debugging and anti-detection. NOTE: BEURK is a recursive acronym for BEURK Experimental Unix RootKit. Features: Hide attacker files and directories; Realtime log cleanup on utmp/wtmp; Anti process and login detectio...
Typo3 4.2 / 4.5 Information Disclosure
INFORMATION: Name: 0day Typo3 - Full Info Disclosure; Type: Full Info Disclosure; Vendor: https://typo3.org/typo3-cms/; Vulnerable versions: 4.2, 4.5; Author: Cleiton Pinheir...
Threat Outbreak Alert RuleID18452: Email Messages Distributing Malicious Software on October 3, 2015
Medium Alert ID: 41384 First Published: 2015 October 5 13:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18452 may contain the following files: Name |...