
179 matches found

Imperva Blog
added 2020/01/19 3:0 p.m., 502 views

Imperva Mitigates Exploits of Citrix Vulnerability – Right Out of the Box

On December 17, Citrix issued a Security Bulletin on an unauthenticated remote code execution vulnerability CVE-2019-19781 affecting its Citrix Application Delivery Controller ADC - formerly known as NetScaler ADC - and its Citrix Gateway - formerly known as NetScaler Gateway. At the time of the...

7.5 CVSS, 10 AI score, 0.94442 EPSS
Exploits: 48
Kitploit
added 2019/12/15 8:30 p.m., 240 views

Nginx Log Check - Nginx Log Security Analysis Script

Nginx Log Security Analysis Script Features Statistics Top 20 Address SQL injection analysis Scanner alert analysis Exploit detection Sensitive path access File contains attack Webshell Find URLs with response length Top 20 Looking for rare script file access Find script file for 302 redirect Usa...

8.4 AI score
Exploits: 0, References: 1
exploitpack
added 2019/11/04 9:7 p.m., 17 views

jpvdYKiLAUi4eai

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

0.4 AI score
Exploits: 0
Packet Storm
added 2019/10/26 12:0 a.m., 128 views

Part-DB 0.4 Authentication Bypass

Exploit Title: Part-DB 0.4 - Authentication Bypass Date: 2019-10-26 Author: Marvoloo Vendor Homepage: https://github.com/Part-DB/Part-DB/ Software Link: https://github.com/Part-DB/Part-DB/archive/master.zip Version: 0.4 Tested on: Linux CVE : N/A Discription: Easy authentication bypass...

0.3 AI score
Exploits: 0
Packet Storm
added 2019/09/12 12:0 a.m., 818 views

Opencart 2.3.0.2 Pre-Auth Remote Command Execution

!/usr/bin/perl -w Opencart 2.3.0.2 Pre-Auth Remote Command Execution CLI Exploit Copyright 2019 c Todor Donev test@localhost opencart$ perl opencartrce.pl http://192.168.1.1/oc2302/ Opencart 2.3.0.2 Pre-Auth Remote Command Execution CLI Exploit...

0.1 AI score
Exploits: 0
exploitpack
added 2019/09/09 12:0 a.m., 18 views

Online Appointment - SQL Injection

Online Appointment - SQL Injection Exploit Title: Online Appointment SQL Injection Data: 07.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/girish03/Online-Appointment-Booking-System Tested on: Windows Google Dork: N/A ========= Vulnerable Page: =========...

0.4 AI score
Exploits: 0
FireEye
added 2019/07/18 12:0 a.m., 20 views

Hard Pass: Declining APT34’s Invite to Join Their Professional Network

Background With increasing geopolitical tensions in the Middle East, we expect Iran to significantly increase the volume and scope of its cyber espionage campaigns. Iran has a critical need for strategic intelligence and is likely to fill this gap by conducting espionage against decision makers a...

0.6 AI score
Exploits: 0, References: 6
Kitploit
added 2019/07/05 1:12 p.m., 315 views

Wesng - Windows Exploit Suggester

WES-NG is a tool based on the output of Windows' systeminfo utility which provides the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. Every Windows OS between Windows XP and Windows 10, including their Windows Server counterparts, is supported...

7.3 AI score
Exploits: 0, References: 11
Exploit DB
added 2019/05/24 12:0 a.m., 116 views

Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow

Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link: http://www.labf.com/download/axessh.exe Version v4.2 Tested on: Windows 7 SP1 EN x86...

7.4 AI score
Exploits: 0
Packet Storm
added 2019/03/02 12:0 a.m., 152 views

vBulletin 4.x.x vB Optimise 2.6.3 Pro Open Redirection

Exploit Title : vBulletin 4.x.x vB Optimise v2.6.3 Pro Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 02/03/2019 Vendor Homepage : vbulletin.com dragonbyte-tech.com Software Information Link : dragonbyte-tech.com/store/vb-optimise.1/ Software...

Exploits: 0
Symantec
added 2019/02/12 12:0 a.m., 40 views

Microsoft Edge Chakra Scripting Engine CVE-2019-0652 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

0.6 AI score, 0.10453 EPSS
Exploits: 0, References: 1
Information Security Automation
added 2019/02/11 10:31 a.m., 81 views

No left boundary for Vulnerability Detection

It's another common problem in nearly all Vulnerability Management products. In the post "What’s wrong with patch-based Vulnerability Management checks?" I wrote about the issues in plugin descriptions, now let's see what can go wrong with the detection logic. The problem is that Vulnerability...

7.1 AI score
Exploits: 0
Hacker One
added 2019/01/26 3:26 p.m., 43 views

RATELIMITED: Missing Protection Mechanism in Mail Servers allows malicious user to use staff.ratelimited.me email could lead to identity theft.

Hello ratelimited, I'm not really sure how your mail servers being configured but i guess there is a mis-configuration or missing protection mechanism that fails to verify if the email that is going to be sent are only made by authorized ratelimited staff only. From this point of view a malicious...

0.5 AI score
Exploits: 0
Symantec
added 2019/01/08 12:0 a.m., 29 views

Microsoft Windows JET Database Engine CVE-2019-0583 Remote Code Execution Vulnerability

Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

0.6 AI score, 0.24243 EPSS
Exploits: 4, Affected Software: 3
Securelist
added 2018/11/14 7:0 a.m., 496 views

A new exploit for zero-day vulnerability CVE-2018-8589

Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The company confirmed the vulnerability and assigned it CVE-2018-8589. In October 2018, our Automatic Exploit Prevention AEP systems...

7.6 AI score, 0.50438 EPSS
Exploits: 0
Exploit DB
added 2018/11/06 12:0 a.m., 29 views

Grocery crud 1.6.1 - 'search_field' SQL Injection

Exploit Title: Grocery crud 1.6.1 - 'searchfield' SQL Injection Google Dork: n/a Date: 2018-11-05 Exploit Author: Loading Kura Kura Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: 1.6.1 Tested on: Win10/Kali Linux CVE : 1. Proof of Conce...

7.4 AI score
Exploits: 0
exploitpack
added 2018/11/02 12:0 a.m., 12 views

Jelastic 5.4 - host SQL Injection

Jelastic 5.4 - host SQL Injection Exploit Title: Jelastic 5.4 - 'host' SQL injection Google Dork: N/A Date: date Exploit Author: Procode701 Vendor Homepage: https://jelastic.com/ Software Link: https://jelastic.com/ Version: 5.4 Tested on: Kali Linux CVE : N/A POC: The application...

8.6 AI score
Exploits: 0
exploitpack
added 2018/11/02 12:0 a.m., 21 views

Gate Pass Management System 2.1 - login SQL Injection

Gate Pass Management System 2.1 - login SQL Injection Exploit Title: Gate Pass Management System 2.1 - 'login' SQL Injection Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.livebms.com Software Link:...

0.5 AI score
Exploits: 0
Zero Science Lab
added 2018/10/14 12:0 a.m., 649 views

FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Hard-coded Credentials Shell Access

Summary Thermal Imaging Camera For Continuous Condition and Safety Monitoring FLIR AX8 is a thermal sensor with imaging capabilities. Combining thermal and visual cameras in a small, affordable package, the AX8 provides continuous temperature monitoring and alarming capabilities to protec critica...

9.8 CVSS, 7.3 AI score, 0.00214 EPSS
Exploits: 2
Cisco Threats
added 2018/05/02 8:33 p.m., 10 views

Threat Outbreak Alert RuleID32637: Email Messages Distributing Malicious Software on May 2, 2018

Medium Alert ID: 57722 First Published: 2018 May 2 20:33 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32637 may contain the following files: Name | Size ...

0.7 AI score
Exploits: 0