Lucene search
2058 matches found

Exploit DB
added 2016/10/27 12:00 a.m., 30 views

CherryTree 0.36.9 - Memory Corruption (PoC)

!/usr/bin/python CherryTree 0.36.9 - Memory Corruption PoC by n30m1nd Date: 2016-10-27 PoC Author: n30m1nd Vendor Homepage: http://www.giuspen.com/cherrytree/ Software Link: http://www.giuspen.com/software/cherrytree0.36.9setup.exe Version: Affects all versions of CherryTree prior to 0.37.6 Teste...

7.4 AI score
Exploits: 0
Packet Storm
added 2016/10/19 12:00 a.m., 35 views

XhP CMS 0.5.1 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: XhP CMS 0.5.1 - Cross-Site Request Forgery to Persistent Cross-Site Scripting Exploit Author: Ahsan Tahir Date: 19-10-2016 Software Link: https://sourceforge.net/projects/xhp/ Vendor: https://sourceforge.net/projects/xhp/ Google Dork: inurl:Powered by XHP CMS Contact:...

0.1 AI score
Exploits: 0
myhack58
added 2016/10/19 12:00 a.m., 15 views

Sofacy APT group develops new Flash exploit framework

The Sofacy cyber espionage group, also known as Fancy Bear, APT28, Sednit, Pawn Storm, and Strontium, has developed a new hacking tool and put it to use in attacks this summer. Palo Alto Networks said the gang will be targeted in the...

0.2 AI score
Exploits: 0
exploitpack
added 2016/10/13 12:00 a.m., 9 views

Thatware 0.4.6 - SQL Injection

Thatware 0.4.6 - SQL Injection Exploit Title :----------------- : Thatware 0.4.6 - friend.php - SQL Injection Author :------------------------ : Besim Google Dork :---------------- : - Date :-------------------------- : 13/10/2016 Type :-------------------------- : webapps Platform :...

Exploits: 0
Packet Storm
added 2016/10/06 12:00 a.m., 36 views

MLM Unilevel Plan Script 1.0.2 SQL Injection

Application Name : MLM Unilevel Plan Script v1.0.2 Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Author Contact : https://twitter.com/byn4tural Vendor Homepage : http://www.i-netsolution.com/ Vulnerable Type : SQL Injection Date : 2016-10-06 Tested on : Windows 10 / Mozilla...

0.5 AI score
Exploits: 0
Exploit DB
added 2016/10/06 12:00 a.m., 33 views

MLM Unilevel Plan Script 1.0.2 - SQL Injection

Application Name : MLM Unilevel Plan Script v1.0.2 Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Author Contact : https://twitter.com/byn4tural Vendor Homepage : http://www.i-netsolution.com/ Vulnerable Type : SQL Injection Date : 2016-10-06 Tested on : Windows 10 / Mozilla...

7.4 AI score
Exploits: 0
Packet Storm
added 2016/09/23 12:00 a.m., 29 views

Matrimonial Website Script 1.0.2 SQL Injection

Application Name : Matrimonial Website Script v1.0.2 Google Dork : inurl:viewfullprofile1.php?id= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Author Contact : https://twitter.com/byn4tural Vendor Homepage : http://www.i-netsolution.com/ Vulnerable Type : SQL Injection Date :...

Exploits: 0
Exploit DB
added 2016/09/22 12:00 a.m., 21 views

Matrimonial Website Script 1.0.2 - SQL Injection

Application Name : Matrimonial Website Script v1.0.2 Google Dork : inurl:viewfullprofile1.php?id= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Author Contact : https://twitter.com/byn4tural Vendor Homepage : http://www.i-netsolution.com/ Vulnerable Type : SQL Injection Date :...

7.4 AI score
Exploits: 0
Vulnerability Lab
added 2016/09/21 12:00 a.m., 35 views

DllHijackAuditor 3.5 - Stack Overflow Vulnerability

Document Title: =============== DllHijackAuditor 3.5 - Stack Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1954 Release Date: ============= 2016-09-21 Vulnerability Laboratory ID VL-ID: ==================================== 1954...

7.1 AI score
Exploits: 0
Exploit DB
added 2016/09/19 12:00 a.m., 36 views

ZineBasic 1.1 - Arbitrary File Disclosure

Title: ZineBasic 1.1 Remote File Disclosure Exploit Author: bd0rk || East Germany former GDR Tested on: Ubuntu-Linux Vendor: http://w2scripts.com/news-publishing/ Download:...

7.4 AI score
Exploits: 0
Exploit DB
added 2016/09/16 12:00 a.m., 38 views

Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection

Title: Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Joomla extension v1.0.6 Author: Larry W. Cashdollar, @larry0 Date: 2016-09-16 Download Site: http://huge-it.com/joomla-portfolio-gallery/ Vendor: huge-it.com Vendor Notified: 2016-09-17 Vendor Contact: [email protected] Description:...

9.8 CVSS, 7 AI score, 0.0227 EPSS
Exploits: 9
seebug.org
added 2016/09/07 12:00 a.m., 24 views

Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)

No description provided by source. import socket, sys , base64, struct, string, urllib from getopt import getopt as GetOpt, GetoptError from uuid import getnode as getmac import SimpleHTTPServer, SocketServer TIMELINE ''' 3/16/2016 - First Submission to Belkin no response 5/3/2016 - Second...

7.1 AI score
Exploits: 0
Vulnerability Lab
added 2016/09/01 12:00 a.m., 39 views

FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability

Document Title: =============== FormatFactory 3.9.0 - .task Stack Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1935 Release Date: ============= 2016-09-01 Vulnerability Laboratory ID VL-ID: ====================================...

7.1 AI score
Exploits: 0
Packet Storm
added 2016/08/23 12:00 a.m., 35 views

VideoIQ Camera Remote File Disclosure

"cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost 8080"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $port = $argv2; $pack = "GET /%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C..FILEPATH HTTP/1.0\r\n"; $pack.= "Host: $host\r\n"; $pack.= "Connection:...

0.3 AI score
Exploits: 0
0day.today
added 2016/08/22 12:00 a.m., 31 views

VideoIQ Camera - Local File Disclosure

Exploit for php platform in category web applications "cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost 8080"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $port = $argv2; $pack = "GET /%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C..FILEPATH HTTP/1.0\r\n";...

7.1 AI score
Exploits: 0
Hacker One
added 2016/08/19 6:47 p.m., 34 views

Mail.ru: [cfire.mail.ru] CSRF Bypassed - Changing anyone's 'User Info'

Hi, I noticed that when we change userinfo of https://cfire.mail.ru from here: https://cfire.mail.ru/account/userinfo, there are two Anti-CSRF tokens or you can say that; they just do the work of Anti-CSRF token: - signature - submit2 Actually, I was able to bypass both Anti-CSRF tokens, and afte...

7.6 AI score
Exploits: 0
0day.today
added 2016/08/16 12:00 a.m., 62 views

WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting

Exploit for jsp platform in category web applications + Credits: John Page aka HYP3RLINX Vendor: ============= www.wso2.com Product: ================== Ws02Carbon v4.4.5 WSO2 Carbon is the core platform on which WSO2 middleware products are built. It is based on Java OSGi technology, which allows...

4.3 CVSS, 6.4 AI score, 0.04338 EPSS
Exploits: 5
Exploit DB
added 2016/08/16 12:00 a.m., 62 views

WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting

Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-PERSISTENT-XSS-COOKIE-THEFT.txt + ISR: ApparitionSec Vendor: ============= www.wso2.com Product: ================== Ws02Carbon v4.4.5 WSO2 Carbon is the...

6.1 CVSS, 6.3 AI score, 0.04338 EPSS
Exploits: 5
Packet Storm
added 2016/07/24 12:00 a.m., 38 views

Joomla Huge IT Gallery 1.1.5 Cross Site Scripting / SQL Injection

Title: XSS and SQLi in huge IT gallery v1.1.5 for Joomla Author: Larry W. Cashdollar, @larry0 Elitza Neytcheva, @E1337za Date: 2016-07-14 Download Site: http://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-pro Vendor: huge-it.com Vendor Notified: 2016-07-15, fixed...

7.5 CVSS, 0.8 AI score, 0.02773 EPSS
Exploits: 2
Packet Storm
added 2016/07/11 12:00 a.m., 41 views

Amazon AWS XSS Protection Bypass

Exploit Author: Ajay Gowtham Vendor: ========================== http://aws.amazon.com/ Amazon Web Services, is a subsidiary of Amazon.com, which offers a suite of cloud computing services that make up an on-demand computing platform. These services operate from 12 geographical regions across the...

Exploits: 0