1634 matches found
[SECURITY] Fedora 30 Update: phpMyAdmin-4.9.5-1.fc30
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher
This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted...
ScoringEngine - Scoring Engine For Red/White/Blue Team Competitions
Scoring Engine for Red/White/Blue Team Competitions Getting started Download Docker. If you are on Mac or Windows, Docker Compose will be automatically installed. On Linux, make sure you have the latest version of Compose. If you're using Docker for Windows on Windows 10 pro or later, you must al...
CVE-2019-11027
Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developer...
Cross-site scripting in PHPMailer
PHPMailer versions prior to 5.2.24 (released July 26th 2017) have an XSS vulnerability in one of the code examples, CVE-2017-11503. The codegenerator.phps example did not filter user input prior to output. This file is distributed with a .phps extension, so it is not normally executable unless it i...
get_Team_Pass - Get Teamviewer's ID And Password From A Remote Computer In The LAN
Get teamviewer's ID and password from a remote computer in the LAN This program gets teamviewer's ID and password from a remote computer in the LAN. Most useful for postexploitation or sysadmins Tested on windows 7 and windows 10 x86 and x64 Prerequisites You must have valid credentials on the...
Metabigor - Intelligence Tool But Without API Key
Intelligence Tool but without API key What is Metabigor? Metabigor is an Intelligence tool; its goal is to do OSINT tasks and more but without any API key. Installation go get -u github.com/j3ssie/metabigor Main features Discover IP Address of the target. Wrapper for running masscan and nmap on IP...
Unspecified Vulnerability in OpServices OpMon
OpServices OpMon is an IT infrastructure monitoring software from Brazil. A security vulnerability exists in OpServices OpMon. The vulnerability can be exploited by an attacker to execute a program (e.g., nmap) without the need for a sudo password...
WordPress WP Fanzone 3.1 SQL Injection
Exploit Title : Built with WordPress and WP FanZone Themes 3.1 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/01/2020 Vendor Homepage : wordpress.org - wpdevshed.com/wp-fanzone-theme/ Software Download Link :...
Video on Admin Dashboard < 1.1.4 - Authenticated Stored XSS
Video on Admin Dashboard is vulnerable to stored XSS. When a user has admin capabilities, malicious code can be submitted through the plugin's options. A user can insert a simple script in the Widget Title text field, e.g. "alert'XSS';. Every specified user role by the plugin will now be targeted...
Netstat2Neo4J - Create Cypher Create Statements For Neo4J Out Of Netstat Files From Multiple Machines
Graphs help to spot anomalies and patterns in large datasets. This script takes netstat information from multiple hosts and formats it in a way that makes it importable into Neo4j. Neo4j can be queried to find connections to certain hosts, from certain hosts, find out the usage or protocols and...
Prima Access Control 2.3.35 Script Upload Remote Code Execution
Prima Access Control 2.3.35 Authenticated Python Script Upload Root RCE CVE: CVE-2019-9189 Advisory: https://applied-risk.com/resources/ar-2019-007 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Discovered by Gjoko 'LiquidWorm' Krstic --- POST /bin/sysfcgi.fx...
Rbuster - Yet Another Dirbuster
yet another dirbuster Common Command line options -a - specify a user agent string to send in the request -c - use this to specify any cookies that you might need simulating auth. header. -f - force processing of a domain with wildcard results. -l - show the length of the response. -r - follow...
Linux/x86 - execve /bin/sh Shellcode (25 bytes)
Exploit Title: Linux/x86 - execve /bin/sh ShellCode 25 bytes Author: bolonobolo Vendor Homepage: None Software Link: None Tested on: Linux x86 CVE: N/A / global start section .text start: cdq ; xor edx mul edx lea ecx, eax mov esi, 0x68732f2f mov edi, 0x6e69622f push ecx ; push NULL in stack push...
Design/Logic Flaw
cPanel before 82.0.15 allows self XSS in LiveAPI example scripts SEC-524...
DeviceViewer 3.12.0.1 - Arbitrary Password Change
Exploit Title: DeviceViewer 3.12.0.1 - Arbitrary Password Change Date: 2019-09-10 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Tested on: Windows 7 !/usr/bin/python Steps to reproduc...
Test advisory with associated example crate
This is a test advisory useful for verifying RustSec tooling and vulnerability detection pipelines are working correctly. Aside from the fact that it is filed against an example crate, it is otherwise considered by the Advisory Database itself to be a normal security advisory. It's filed against...
RUSTSEC-2019-0024 Test advisory with associated example crate
This is a test advisory useful for verifying RustSec tooling and vulnerability detection pipelines are working correctly. Aside from the fact that it is filed against an example crate, it is otherwise considered by the Advisory Database itself to be a normal security advisory. It's filed against...
Nextcloud: potential RCE and XSS via file upload requiring user account and default settings
potential RCE and XSS via file upload requiring user account and default settings Requirements 1. User account that can upload files NO admin 2. User account name on creation usually the same as on creation/displayed name 3. data directory inside of nextcloud server folder suggested by...
WordPress Live Chat Unlimited 2.8.3 Cross Site Scripting
Exploit Title: Live Chat Unlimited v2.8.3 Stored XSS Injection Google Dork: inurl:"wp-content/plugins/screets-lcx" Date: 2019/06/25 Exploit Author: m0ze Vendor Homepage: https://screets.com/ Software Link: https://codecanyon.net/item/wordpress-live-chat-plugin/3952877 Version: 2.8.3 Tested on:...