2058 matches found
WordPress Random Banner 1.1.2.1 Cross Site Scripting
Exploit Title : Wordpress random-banner.1.1.2.1 Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://wordpress.org/plugins/random-banner/ Software Link : http://downloads.wordpress.org/plugin/random-banner.1.1.2.1.zip Date : 2014-06-28 Tested on : Windows ...
MS13-097 Registry Symlink IE Sandbox Escape Exploit
This Metasploit module exploits a vulnerability in Internet Explorer Sandbox which allows to escape the Enhanced Protected Mode and execute code with Medium Integrity. The vulnerability exists in the IESetProtectedModeRegKeyOnly function from the ieframe.dll component, which can be abused to forc...
Wordpress 3.9.1 - CSRF Vulnerability
Exploit for php platform in category web applications EXPLOIT TITLE:Wordpress 3.9.1-CSRF vulnerability DATE:21st June,2014 Author:Avinash Kumar Thapa URL: localhost/wordpress/ PATCH/FIX:Not fixed yet. Technical Details: This is the new version released by Wordpress. version is 3.9.1Latest Cross...
Cisco WebEx Meeting Server Sensitive Information Disclosure Vulnerability
A vulnerability in the XML programmatic interface XML PI of Cisco WebEx Meeting Server could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to disclosure of the meeting information. An attacker could exploit this vulnerability by sending a crafte...
Wordpress Theme Myriad Arbitrary File Download Vulnerability
This exploit allows attacker to download any writable file from the server Usage Info The exploit extension is .html Put the path of the file in the file's field of the exploit ,then click "Download" button then you get the file directly Title : Wordpress Theme Myriad Arbitrary File Download...
Cisco Adaptive Security Appliance Software WebVPN Information Disclosure Vulnerability
A vulnerability in the WebVPN portal of Cisco Adaptive Security Appliance ASA could allow an authenticated, remote attacker to view sensitive information from the affected system. The vulnerability is due to improper input validation in the WebVPN portal. An attacker could exploit this...
Cisco Unified Communications Manager Java Interface SQL Injection Vulnerability
A vulnerability in BulkViewFileContentsAction.java of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to improper filename parameters. An attacker could exploit this vulnerability by...
Cisco NX-OS Software HSRP Authentication Denial of Service Vulnerability
A vulnerability in Hot Standby Router Protocol HSRP authentication in the Cisco Nexus series could allow an unauthenticated, adjacent attacker to affect the state of HSRP group members and cause black holing of traffic. The vulnerability is due to incorrect parsing of malformed HSRP packets. An...
Cisco AsyncOS Cross-Site Scripting Vulnerability
A vulnerability in the web management interface of Cisco AsyncOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of a parameter. An...
Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerabilities Date: 05/22/2014 Author: Mustafa ALTINKAYNAK Vendor Homepage:http://www.zyxel.com/tr/tr/productsservices/p660hwseries.shtml?t=p Category: Hardware/Wireless Router...
Zyxel P-660HW-T1 Cross Site Request Forgery
Exploit Title: Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Vendor Homepage:http://www.zyxel.com/tr/tr/productsservices/p660hwseries.shtml?t=p Category: Hardware/Wireless Router Tested on: Zyxel P-660HW-T1 v3 Wireless Router Patch/ Fix:...
jsboard 2.0.16 Local File Include Vulnerability
Exploit for php platform in category web applications ----------exploit Debut Local File Include Vulnerability ----------Script Info Author : JIKO ----------Script Info Site : http://kldp.net/projects/jsboard/ Version : 2.0.16 Download : http://kldp.net/frs/download.php/6058/jsboard-2.0.16.tar.gz...
ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery
ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery Exploit Title: Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerabilities Date: 05/22/2014 Author: Mustafa ALTINKAYNAK Vendor Homepage:http://www.zyxel.com/tr/tr/productsservices/p660hwseries.shtml?t=p Category: Hardware/Wireless...
Binatone DT 850W Router Cross Site Request Forgery Vulnerability
Binatone DT 850W wireless router suffers from multiple cross site request forgery vulnerabilities. Exploit Title: Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities Date: 05/20/2014 Author: Samandeep Singh - SaMaN @samanL33T Vendor...
phpnuke 8.3 Sql Injection Vulnerability
Exploit for php platform in category web applications author : ali ahmady -- Iranian security researcher email : snip3rirathotmail.com greets : b0x , PhantomX , VIRkid , email protected , zeus REKCAH , milad22 google dork : inurl: modules.php?name=SubmitNews at post review level you can inject...
Cisco Tidal Enterprise Scheduler Agent Privilege Escalation Vulnerability
A vulnerability in Cisco Tidal Enterprise Scheduler Agent could allow an authenticated, local attacker to execute arbitrary commands on the affected system with the privileges of the root user. The vulnerability is due to insufficient validation of the Tidal Job Buffers TJB parameters when the...
Cisco Security Manager Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient input validation of a parameter. An attacker could exploit this...
Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities
Exploit for hardware platform in category web applications Exploit Title: Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities Date: 05/20/2014 Author: Samandeep Singh - SaMaN @samanL33T Vendor Homepage:http://www.binatonetelecom.in/4port-adsl2-wifi-router1.html Category:...
Binatone DT 850W Router Cross Site Request Forgery
Exploit Title: Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities Date: 05/20/2014 Author: Samandeep Singh - SaMaN @samanL33T Vendor Homepage:http://www.binatonetelecom.in/4port-adsl2-wifi-router1.html Category: Hardware/Wireless Router Firmware Version: T6W-A1.005 and below Tested...
Binatone DT 850W Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities
Binatone DT 850W Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities Exploit Title: Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities Date: 05/20/2014 Author: Samandeep Singh - SaMaN @samanL33T Vendor...