Hassium CMS 0.10 Cross Site Scripting
Exploit Title: Hassium CMS Cross Site Scripting | Exploit Author: Ashiyane Digital Security Team | Vendor Homepage: http://www.hassium.org/index.php | Download Link :...
Brave Browser Address Bar Spoofing
Summary: Brave Browser Suffers from Address Bar Spoofing Vulnerability. Address Bar spoofing is a critical vulnerability in which any attacker can spoof the address bar to a legit looking website but the content of the web-page remains different from the Address-Bar display of the site. In Simple...
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing Vulnerability
Exploit for multiple platform in category dos / poc Brave Browser Suffers from Address Bar Spoofing Vulnerability. Address Bar spoofing is a critical vulnerability in which any attacker can spoof the address bar to a legit looking website but the content of the web-page remains different from the...
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing Brave Browser Suffers from Address Bar Spoofing Vulnerability. Address Bar spoofing is a critical vulnerability in which any attacker can spoof the address bar to a legit looking website but the content of the web-page remains different from t...
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing
Brave Browser Suffers from Address Bar Spoofing Vulnerability. Address Bar spoofing is a critical vulnerability in which any attacker can spoof the address bar to a legit looking website but the content of the web-page remains different from the Address-Bar display of the site. In Simple words, t...
A widely used email component: PHPMailer remote code execution vulnerability - vulnerability warning - the black bar safety net
Recently, Polish researcher Dawid Golunski discovered a serious remote code execution vulnerability in PHPMailer. The vulnerability was published yesterday on legalhackers.com, but the exploit details and a proof-of-concept were not included. Unfortunately in a couple of...
Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit
A critical vulnerability has been discovered in PHPMailer, which is one of the most popular open source PHP libraries to send emails used by more than 9 Million users worldwide. Millions of PHP websites and popular open source web applications, including WordPress, Drupal, 1CRM, SugarCRM, Yii, an...
CVE-2016-8610: "SSL-Death Alert" denial-of-service vulnerability patch analysis - vulnerability warning - the black bar safety net
Recently, a security patch for the OpenSSL "Red Alert" (SSL Death Alert) vulnerability caught our attention. Like other serious security vulnerabilities, this one also caught our attention because, according to the vulnerability's discoverer, an OpenSSL web server with this vulnerability may b...
NetCat 0.7.1 - Denial of Service Exploit
Exploit for linux platform in category dos / poc /usr/bin/python -- Coding: utf-8 -- GNU Netcat 0.7.1 - Out of bounds array write Access Violation by n30m1nd Date: 2016-11-19 Exploit Author: n30m1nd Vendor Homepage: http://netcat.sourceforge.net/ Software Link:...
Cyber Attack Knocks Nearly a Million Routers Offline
Mirai Botnet is getting stronger and more notorious each day that passes by. The reason: Insecure Internet-of-things Devices. Last month, the Mirai botnet knocked the entire Internet offline for a few hours, crippling some of the world's biggest and most popular websites. Now, more than 900,000...
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery Remote Command Execution
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery Remote Command Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYPHP-DEV-SERVER-REMOTE-CMD-EXECUTION.txt + ISR: ApparitionSec Vendor: ===============...
Teradata Studio Express 15.12.00.00 Race Condition Vulnerability
Exploit for linux platform in category local exploits Title: /tmp race condition in Teradata Studio Express v15.12.00.00 studioexpressinstall Author: Larry W. Cashdollar, @larry0 Date: 2016-10-03 Download Site: http://downloads.teradata.com/download/tools/teradata-studio-express Vendor: Teradata...
Teradata Virtual Machine Community Edition 15.10 Insecure File Permission
Title: Teradata Virtual Machine Community Edition v15.10 has insecure file permission Author: Larry W. Cashdollar, @larry0 Date: 2016-10-01 Download Site: http://downloads.teradata.com/download/database/teradata-virtual-machine-community-edition-for-vmware Vendor: Teradata Vendor Notified:...
e107 CMS 2.1.2 Privilege Escalation Vulnerability
Exploit for php platform in category web applications Exploit Title: e107 CMS 2.1.2 Privilege Escalation Date: 09-11-2016 Software Link: http://e107.org/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description Dat...
Simple PHP Blog 0.4.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications + Credits: Boumediene KADDOUR AKA sh311c0d3r + Website: http://www.pentestingskills.com Vendor: ====================== http://www.simpleblogphp.com Product: =============================== Simple PHP Blog 0.4.0 Vulnerability Type:...
Axessh 4.2 - Denial Of Service
Exploit for windows platform in category dos / poc + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ============ www.labf.com Product: ============= Axessh 4.2.2...
Critical Flaws in MySQL Give Hackers Root Access to Server (Exploits Released)
Over a month ago we reported about two critical zero-day vulnerabilities in the world's 2nd most popular database management software MySQL: MySQL Remote Root Code Execution (CVE-2016-6662) and Privilege Escalation (CVE-2016-6663). At that time, Polish security researcher Dawid Golunski of Legal Hackers w...
KarjaSoft Sami FTP Server 2.0.2 - USERPASS Remote Buffer Overflow (SEH)
KarjaSoft Sami FTP Server 2.0.2 - USERPASS Remote Buffer Overflow SEH /usr/bin/python -- Coding: utf-8 -- Sami FTP Server 2.0.2- SEH Overwrite, Buffer Overflow by n30m1nd Date: 2016-01-11 Exploit Author: n30m1nd Vendor Homepage: http://www.karjasoft.com/ Software Link:...
NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=894 The DxgkDdiEscape handler for 0x700010d accepts a user provided pointer as the destination for a memcpy call, without doing any checks on said pointer. void fastcall escape700010DNvMiniportDeviceContext ctx, NvEscapeData escape...
Baby FTP server 1.24 - Denial of Service Exploit
Exploit for windows platform in category dos / poc !/usr/bin/python Baby FTP 1.24 - Denial of Service by n30m1nd Date: 2016-10-27 PoC Author: n30m1nd Vendor Homepage: http://www.pablosoftwaresolutions.com/ Software Link: http://www.pablosoftwaresolutions.com/download.php?id=1 Version: 1.24 Tested...