[SECURITY] Fedora 23 Update: php-PHPMailer-5.2.14-1.fc23
Full Featured Email Transfer Class for PHP. PHPMailer features: Supports emails digitally signed with S/MIME encryption! Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs. Works on any platform. Supports Text & HTML emails. Embedded image support. Multipart/alternative emails for mail...
Sublist3R - Fast Subdomains Enumeration Tool For Penetration Testers
Sublist3r is a Python tool that is designed to enumerate subdomains of websites using search engines. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r currently supports the following search engines: Google, Yahoo, Bing, Baidu,...
Threat Outbreak Alert RuleID18163: Email Messages Distributing Malicious Software on September 25, 2015
Medium; Alert ID: 41211; First Published: 2015 September 24 19:35 GMT; Last Updated: 2015 September 25 14:48 GMT; Version: 2. Summary: Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat...
Apache Tomcat examples directory session vulnerabilities
No description provided by source...
New OAuth book: OAuth 2 in Action
Justin Richer and myself have been writing a book about OAuth. It gives a deep look at the OAuth 2.0 protocol including hands on examples and practical implementation vulnerabilities to avoid. You can preorder the book today or you can download the first chapter for free on the publisher’s websit...
Bedita 3.5.1 - XSS Vulnerabilities
No description provided by source. Title: Bedita 3.5.1 XSS vulnerabilities; Application: Bedita; Version: 3.5.1; Software Link: http://www.bedita.com/; Date: 2015-03-09; Author: Sébastien Morin; Contact: https://twitter.com/SebMorin1; Category: Web Applications. Introduction:...
Bedita 3.5.1 - XSS Vulnerabilities
Exploit for php platform in category web applications. Title: Bedita 3.5.1 XSS vulnerabilities; Application: Bedita; Version: 3.5.1; Software Link: http://www.bedita.com/; Date: 2015-03-09; Author: Sébastien Morin; Contact: https://twitter.com/SebMorin1; Category: Web Applications...
Wordpress ibs-mappro Plugin Arbitrary File Download Vulnerability
Exploit for php platform in category web applications. Exploit Title: Wordpress ibs-mappro Plugin Arbitrary File Download Vulnerability; Exploit Author: Ashiyane...
lessner.wz.cz XSS vulnerability
Open Bug Bounty ID: OBB-62903. Affected Website: lessner.wz.cz; Vulnerable Application: Custom Code; Vulnerability Type: XSS Cross Site Scripting / CWE-79; CVSSv3 Score: 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N; Remediation Guide: OWASP XSS Prevention Cheat Shee...
WordPress Backup Plus Backup Disclosure
WordPress 'WP Backup Plus' Plugin Exposure Backup File to Unauthorized Control. CWE: CWE-530; Risk: High; Author: Hugo Santiago dos Santos; Contact: [email protected]; Date: 15/05/2015; Vendor Homepage: http://wpbackupplus.com/; Google Dork: inurl:/wp-content/uploads/wp-backup-plus/; PoC :...
ThemeMakers WordPress Themes Information Disclosure
WordPress 'ALL Themes' Developed By "ThemeMakers" File Information Exposure. CWE: CWE-538; Risk: High; Author: Hugo Santiago dos Santos; Contact: [email protected]; Date: 15/05/2015; Vendor Homepage: http://themeforest.net/user/ThemeMakers/portfolio ALL THEMES; Google Dork:...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the wx2.6-examples package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the qt-examples-4.6.2 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the qt-examples-4.6.2 package in the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the qt3-examples package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the wx2.8-examples package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the wx2.4-examples package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Commix - Automated All-in-One OS Command Injection and Exploitation Tool
Commix (short for command injection exploiter) has a simple environment and can be used by web developers, penetration testers or even security researchers to test web applications with a view to finding bugs, errors or vulnerabilities related to command injection attacks. By using this tool, ...
Kadimus - LFI Scan & Exploit Tool
Kadimus is a tool to check sites for LFI vulnerabilities, and also exploit them. Features: check all URL parameters; /var/log/auth.log RCE; /proc/self/environ RCE; php://input RCE; data://text RCE; source code disclosure; multi-thread scanner; command shell interface through HTTP request; proxy support...
Password retrieve logic vulnerability summary-vulnerability warning-the black bar safety net
0x00 Background description: Please note these two articles: "Password retrieve function there may be a problem" and "Password retrieve function there may be issues supplemented". From the above two documents the past six months, recently finishing a password to get back to the mind map, open the collectio...