2058 matches found
IBM i Access 7.1 - Buffer Overflow Code Execution Vulnerability
IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC. IBM i Access 7.1 - Buffer Overflow Code Execution Vulnerability Vendor: ============== www.ibm.com Product:...
CF Image Host 1.6.6 Cross Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-CSRF.txt Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6.6 Archive...
NXFilter 3.0.3 - Cross-Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-NXFILTER-CSRF.txt Vendor: ================================ www.nxfilter.org/p2/ Product: ================================ NXFilter v3.0.3 Vulnerability Type:...
PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-CSRF.txt Vendor: ================================ www.phpservermonitor.org...
PHP Server Monitor 3.1.1 - Cross-Site Request Forgery / Privilege Escalation
function doit var e=document.getElementById'HELL' e.submit inpu...
Hacking Team Android browser attacks during the vulnerability analysis Stage 2-vulnerability warning-the black bar safety net
A, vulnerability introduction: Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through Javascript to the virtual memory wri...
Zope Management Interface CSRF vulnerabilities
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt Vendor: ================================ www.zope.org plone.org Product: ================================ Zope Management Interface 4.3.7 Zope is a Python-based application...
Easy File Sharing Web Server 7.2 - Remote Overflow (SEH)
Easy File Sharing Web Server 7.2 - Remote Overflow SEH !/usr/bin/env python Easy File Sharing Web Server v7.2 Remote SEH Based Overflow The buffer overwrites ebx with 750+ offset, when sending 4059 it overwrites the EBX vulnerable file /changeuser.ghp Cookies UserID=buf Means there are two ways t...
NetUSB Stack Buffer Overflow
!/usr/bin/env python -- coding: utf-8 -- import socket import sys import random import string import time import struct from Crypto.Cipher import AES pip install pycrypto DOSBYTES = 128 BoF TIMEOUT = 5 RECVSIZE = 16 PORTDEFAULT = 20005 AESKey =...
Zope Management Interface 4.3.7 - Cross-Site Request Forgery
Zope Management Interface 4.3.7 - Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt Vendor: ================================ www.zope.org plone.org Product: ================================ Zop...
Zope Management Interface 4.3.7 - Cross-Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt Vendor: ================================ www.zope.org plone.org Product: ================================ Zope Management Interface 4.3.7 Zope is a Python-based application...
FTGate 7 - Cross-Site Request Forgery
FTGate 7 - Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-FTGATE-V7-CSRF.txt Vendor: ================================ www.ftgate.com www.ftgate.com/ftgate-update-7-0-300 Product:...
FTGate 7 Cross Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-FTGATE-V7-CSRF.txt Vendor: ================================ www.ftgate.com www.ftgate.com/ftgate-update-7-0-300 Product: ================================ FTGate v7 Vulnerability Type:...
Stagefright Bug 2.0 — One Billion Android SmartPhones Vulnerable to Hacking
Attention Android users! More than 1 Billion Android devices are vulnerable to hackers once again – Thanks to newly disclosed two new Android Stagefright vulnerabilities. Yes, Android Stagefright bug is Back… …and this time, the flaw allows an attacker to hack Android smartphones just by tricking...
Cisco Email Security Appliance Max Files Denial of Service Vulnerability
A vulnerability in file descriptor handling of the Cisco Email Security Appliance ESA could allow an authenticated, remote attacker to cause a denial of service DoS condition due to the affected device unexpectedly reloading. The vulnerability is due to failure to release file descriptors when th...
PCMan FTP Server 2.0.7 Directory Traversal
!/usr/bin/python title: PCMan FTP Server v2.0.7 Directory Traversal author: Jay Turla tested on Windows XP Service Pack 3 - English software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z description: PCMAN FTP 2.07 is vulnerable to Directory Traversal quick and...
BisonWare BisonFTP Server 3.5 - Directory Traversal
BisonWare BisonFTP Server 3.5 - Directory Traversal !/usr/bin/python title: BisonWare BisonFTP server product V3.5 Directory Traversal Vulnerability author: Jay Turla tested on Windows XP Service Pack 3 - English software link:...
PCMan FTP服务器2.0.7 - PUT命令缓冲区溢出
No description provided by source. !/usr/bin/python title: PCMan FTP Server v2.0.7 Buffer Overflow - PUT Command author: @shipcod3 Jay Turla nc 9988 Tested on Windows XP Service Pack 3 - English description: Buffer overflow is triggered upon sending long string using the command PUT to PCMAN FTP...
Cisco Unity Connection Web Interface SQL Injection Vulnerability
A vulnerability in the web interface of Cisco Unity Connection UC could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker...
Cisco Email Security Appliance Format String Vulnerability
The Cisco Email Security Appliance ESA contains a vulnerability that could allow an unauthenticated, remote attacker to impact the integrity and availability of services and data on the affected device. The impact includes a partial denial of service DoS. In addition, the attacker could override...