Cisco Aironet EAP Debugging Denial of Service Vulnerability

A vulnerability in the debugging features of Cisco IOS running on Cisco Aironet access points could allow an unauthenticated, adjacent attacker to create a denial of service condition. The vulnerability is due to a failure to properly process a certain debugging message that may occur when the...

Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2

No description provided by source. /Exploit code is here: http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c Blog post about it is here: http://blog.zx2c4.com/749 / / Mempodipper by zx2c4 Linux Local Root Exploit Rather than put my write up here, per usual, this time I've put it in a rather...

Cisco Unified Communications Manager Remote Mobile Access Subsystem Vulnerability

A vulnerability in the Remote Mobile Access Subsystem in Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to supply a crafted Transport Layer Security TLS certificate that may be accepted by the affected device. The vulnerability is due to...

Cisco Small Business RV Series Routers HTTP Referer Header Vulnerability

A vulnerability in the administrative web interface of the Cisco RV120W Wireless-N VPN Firewall, Cisco RV180 VPN Router, Cisco RV180W Wireless-N Multifunction VPN Router, and Cisco RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to perform a cross-site...

Cisco Unified Communications Manager Service Interface Reflected Cross-Site Scripting Vulnerability

A vulnerability in the CCM Service interface of the Cisco Unified Communications Manager Server contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerabilit...

Cisco Unified Communications Manager DNA Interface Reflected Cross-Site Scripting Vulnerability

A vulnerability in the CCM Dialed Number Analyzer interface of the Cisco Unified Communications Manager Server contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. T...

Cisco Unified Communications Manager Reports Interface Reflected Cross-Site Scripting Vulnerability

A vulnerability in the CCM reports interface of the Cisco Unified Communications Manager Server contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerabilit...

Cisco AsyncOS Software ZIP Filtering Bypass Vulnerability

A vulnerability in the ZIP inspection engine of Cisco AsyncOS for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the engine protection and deliver malicious ZIP files. The vulnerability is due to improper implementation of the logic for analyzing the...

Microsoft Internet Explorer CVE-2014-4133 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Cisco Intrusion Prevention System MainApp Denial of Service Vulnerability

A vulnerability in the web framework of Cisco Intrusion Prevention System IPS Software could allow an authenticated, remote attacker to cause MainApp to hang intermittently because the authentication manager process creates a denial of service DoS condition. The vulnerability is due to improper...

Joomla Mac Gallery <= 1.5 Arbitrary File Download Exploit

Joomla Mac Gallery component versions 1.5 and below suffer from an arbitrary file download vulnerability. Exploit Title : Joomla Mac Gallery = 1.5 Arbitrary File Download Exploit Author : Claudio Viviani Vendor Homepage : https://www.apptha.com Software Link :...

Cisco IOS XR Software Malformed TACACS+ Packet Denial of Service Vulnerability

A vulnerability in TACACS+ processing of Cisco IOS XR could allow an unauthenticated, remote attacker to cause a reload of the TACACS+ daemon tacacsd on the affected device. The vulnerability is due to improper parsing of a malformed TACACS+ packet. An attacker could exploit this vulnerability by...

Portable router storage 0 DAY vulnerability that hackers can steal the privacy-vulnerability warning-the black bar safety net

Tenda router 4G301 model the presence of memory-typeXSScross-site scripting vulnerability vulnerability number: RSV-2 0 1 4-0 0 1 River. Rising security experts, the vulnerability is currently no official patch, belonging to the 0 DAY vulnerability, an attacker can carefully construct a malicious...

Cisco IOS XR Software DHCPv6 Denial of Service Vulnerability

A vulnerability in the DHCP version 6 DHCPv6 code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the DHCPv6 server process on an affected device to crash. The vulnerability is due to incorrect handling of malformed DHCPv6 packets. An attacker could exploit this...

ProFTPd Local pr_ctrls_connect Vulnerability - ftpdctl vulnerability and exploit code analysis-vulnerability warning-the black bar safety net

Exploit code URL: http://www.exploit-db.com/exploits/394/ ! 1, Operating environment: 1, The ProFTPD 1.3.0/1.3.0 a 2, the compiled ProFTPD,--enable-ctrls option must be open ./ configure --enable-ctrls 2, The Run parameters: root@kali: gcc 3 9 4. c-o 3 9 4 root@kali: ./ 3 9 4 –s option -p...

WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection

WordPress Plugin Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection Exploit Title : Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://huge-it.com/ Software Link :...

WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection

Exploit Title : Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://huge-it.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-images.zip Mirror Link :...

WordPress Huge IT Image Gallery 1.0.0 SQL Injection

Exploit Title : Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://huge-it.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-images.zip Mirror Link :...

Cisco Intelligent Automation for Cloud Arbitrary File Upload Vulnerability

A vulnerability in Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to upload arbitrary files. The vulnerability is due to insufficient input validation of a file type. An attacker could exploit this vulnerability by submitting a crafted file to an affected...

Cisco Transport Gateway for Smart Call Home Unauthorized Configuration Change Vulnerability

A vulnerability in the web framework code of Cisco Transport Gateway for Smart Call Home TG-SCH could allow an unauthenticated, remote attacker to make certain changes to the system. The vulnerability is due to improper implementation of authorization controls when accessing certain administrativ...