XML Notepad 2.8.0.4 XML External Entity Injection

Exploit Title: XML Notepad 2.8.0.4 - XML External Entity Injection Date: 2019-11-11 Exploit Author: 8-Team / daejinoh Vendor Homepage: https://www.microsoft.com/ Software Link: https://github.com/microsoft/XmlNotepad Version: XML Notepad 2.8.0.4 Tested on: Windows 10 Pro CVE : N/A Step 1 File -...

Siemens Sicam Improper Input Validation

A vulnerability has been identified in SICAM A8000 CP-8000 All versions V14, SICAM A8000 CP-802X All versions V14, SICAM A8000 CP-8050 All versions V2.00. Specially crafted network packets sent to port 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a Denial-of-Service...

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service

Exploit Title: WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service Vendor Homepage:https://www.alloksoft.com/ Software Link: https://www.alloksoft.com/wmv.htm Exploit Author: Nithoshitha S Tested Version: v4.6.1217 Tested on: Windows 7 x64 Windows XP SP3 1.- Run python code :poc.py 2.-...

ThinVNC 1.0b1 - Authentication Bypass Exploit

Exploit Title: ThinVNC 1.0b1 - Authentication Bypass Exploit Author: Nikhith Tumamlapalli Contributor WarMarX Vendor Homepage: https://sourceforge.net/projects/thinvnc/ Software Link: https://sourceforge.net/projects/thinvnc/files/ThinVNC1.0b1/ThinVNC1.0b1.zip/download Version: 1.0b1 Tested on:...

sudo 1.8.27 - Security Bypass

sudo 1.8.27 - Security Bypass Exploit Title : sudo 1.8.27 - Security Bypass Date : 2019-10-15 Original Author: Joe Vennix Exploit Author : Mohin Paramasivam Shad0wQu35t Version : Sudo priv" os.system"cat priv | grep 'ALL' | cut -d '' -f 2 binary" binaryfile = open"binary"...

vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

Hackers have stolen the account details of 250,000 users of Dutch sex-work forum Hookers.nl – including email addresses of both escorts and customers. The website provides a forum for escorts and customers to discuss sex work — including clients discussing their experiences with sex workers. A...

Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions

A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's...

Wolters Kluwer TeamMate 3.1 - Cross-Site Request Forgery

Hello, Please find the below vulnerability details, --------------------------------------------------------------------------------------------------------------------------------- Exploit Title: Wolters Kluwer TeamMate+ – Cross-Site Request Forgery CSRF vulnerability Date: 02/09/2019 Exploit...

Cisco Patches Six Critical Bugs in UCS Gear and Switches

Cisco Systems is warning of six critical vulnerabilities impacting a wide range of its products, including its Unified Computing System server line and its small business 220 Series Smart switches. In all instances of the vulnerabilities, a remote unauthenticated attacker could take over targeted...

Exploit for Type Confusion in Mozilla Firefox

PoC exploit for CVE-2019-11707, a vulnerability in Firefox 66.0...

Cisco RV130W 1.0.3.44 Remote Stack Overflow

!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...

Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit

!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...

CVE-2019-12499

Firejail before 0.9.60 allows truncation resizing to length 0 of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail with the exploit code inside needs to be started as...

Command injection

Firejail before 0.9.60 allows truncation resizing to length 0 of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail with the exploit code inside needs to be started as...

CVE-2019-12499

Firejail before 0.9.60 allows truncation resizing to length 0 of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail with the exploit code inside needs to be started as...

Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability

Overview Microsoft Windows contains a privilege escalation vulnerability in the way that theTask Scheduler SetJobFileSecurityByName function is used, which can allow an authenticated attacker to gain SYSTEM privileges on an affected system. Description Task Scheduler is a set of Microsoft Windows...

ScarCruft continues to evolve, introduces Bluetooth harvester

Executive summary After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula. Th...

Freefloat FTP Server 1.0 - SIZE Remote Buffer Overflow Exploit

Exploit Title: Free Float FTP 1.0 "SIZE" Remote Buffer Overflow Exploit Author: Kevin Randall Vendor Homepage: Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Version: Firmware: Free Float FTP 1.0 Tested on: Windows XP Professional Service Pack 2 CVE : N/A Generate Shellco...

F5 Networks BIG-IP : BIG-IP ASM XSS vulnerability (K14812883)

This is a stored cross-site scripting XSS vulnerability in an ASM violation viewed in the Configuration utility. In the worst case, an attacker can store a CSRF, which results in code execution as the admin user. CVE-2019-6607 The user levels that can store this attack are ASM Administrator,...

'Chaos' iPhone X Attack Alleges Remote Jailbreak

A Chinese security researcher has published what he claims is a proof-of-concept exploit that would allow a remote attacker to jailbreak an iPhoneX, unbeknownst to the user – allowing them to gain access to a victim’s data, processing power and more. Qixun Zhao of Qihoo 360 built the exploit, whi...