9459 matches found

Packet Storm
added 2016/09/16 12:0 a.m. | 55 views

MyBB 1.8.6 Data Validation

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: Improper validation of data passed to eval Remote Exploitable: Yes...

0.1 AI score
Exploits: 0

Hacker One
added 2016/09/12 9:35 a.m. | 57 views

Boozt Fashion AB: Make victim buy in attacker's account without any idea - http://www.booztlet.com/

INTRODUCTION ------------------------ During the testing of http://www.booztlet.com/ I have noticed that the account related links available from https://www.boozt.com/ are also available in http://www.booztlet.com/. This should not be the case, as this shop doesn't have a "My account" section...

7 AI score
Exploits: 0

erpscan
added 2016/09/03 12:0 a.m. | 56 views

SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component (CVE-2016-9563)

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XXE...

4 CVSS | 0.1 AI score | 0.23805 EPSS
Exploits: 0

erpscan
added 2016/09/03 12:0 a.m. | 44 views

SAP NetWeaver - buffer overflow vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.0-7.5 Vendor URL: SAP Bugs: buffer overflow Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2295238 Author: Dmitry Yudin ERPScan VULNERABILITY INFORMATION Class: Denial ...

7.5 CVSS | 0.2 AI score | 0.02231 EPSS
Exploits: 0

0day.today
added 2016/08/22 12:0 a.m. | 99 views

JVC IP-Camera VN-T216VPRU - Local File Disclosure

Exploit for php platform in category web applications 1. Advisory Information ======================================== Title : JVC IP-Camera VN-T216VPRU Local File Inclusion Vendor Homepage : http://pro.jvc.com/ Remotely Exploitable : Yes Tested on Camera types : VN-T216VPRU Product References :...

7.1 AI score
Exploits: 0

Exploit DB
added 2016/08/22 12:0 a.m. | 35 views

Honeywell IP-Camera HICC-1100PT - Local File Disclosure

Advisory Information ======================================== Title : Honeywell IP-Camera HICC-1100PT Local File Inclusion Vendor Homepage : https://www.asia.security.honeywell.com Remotely Exploitable : Yes Tested on Camera types : HICC-1100PT Reference :...

7.4 AI score
Exploits: 0

Packet Storm
added 2016/08/20 12:0 a.m. | 18 views

JVC IP-Camera VN-T216VPRU Credential Disclosure

Advisory Information ======================================== Title : JVC IP-Camera VN-T216VPRU Remote Credentials Disclosure Vendor Homepage : http://pro.jvc.com/ Remotely Exploitable : Yes Tested on Camera types : VN-T216VPRU Product References :...

7.4 AI score
Exploits: 0

Packet Storm
added 2016/08/20 12:0 a.m. | 23 views

Vanderbilt IP-Camera CCPW3025-IR / CVMW3025-IR Credential Disclosure

Advisory Information ======================================== Title : Vanderbilt IP-Camera CCPW3025-IR + CVMW3025-IR Remote Credentials Disclosure Vendor Homepage : https://is.spiap.com/ Remotely Exploitable : Yes Tested on Camera types : CCPW3025-IR , CVMW3025-IR Product References :...

7.4 AI score
Exploits: 0

0day.today
added 2016/08/19 12:0 a.m. | 43 views

JVC IP Camera VN-T216VPRU - Credentials Disclosure

Exploit for cgi platform in category web applications 1. Advisory Information ======================================== Title : JVC IP-Camera VN-T216VPRU Remote Credentials Disclosure Vendor Homepage : http://pro.jvc.com/ Remotely Exploitable : Yes Tested on Camera types : VN-T216VPRU Product...

7.1 AI score
Exploits: 0

Exploit DB
added 2016/08/19 12:0 a.m. | 36 views

C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S / DVR - Credentials Disclosure / Authentication Bypass

Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely Exploitable : Yes Tested on Camera types : IRDOME-II-C2S, IRBOX-II-C2S, DVR Vulnerabilities :...

7 AI score
Exploits: 0

0day.today
added 2016/08/18 12:0 a.m. | 70 views

Honeywell IP Camera HICC-1100PT - Credentials Disclosure

Exploit for cgi platform in category web applications 1. Advisory Information ======================================== Title : Honeywell IP-Camera HICC-1100PT Unauthenticated Remote Credentials Disclosure Vendor Homepage : https://www.asia.security.honeywell.com Remotely Exploitable : Yes Tested ...

7.1 AI score
Exploits: 0

Exploit DB
added 2016/08/18 12:0 a.m. | 36 views

Honeywell IP-Camera HICC-1100PT - Credentials Disclosure

Advisory Information ======================================== Title : Honeywell IP-Camera HICC-1100PT Unauthenticated Remote Credentials Disclosure Vendor Homepage : https://www.asia.security.honeywell.com Remotely Exploitable : Yes Tested on Camera types : HICC-1100PT Reference :...

7.4 AI score
Exploits: 0

Palo Alto Networks
added 2016/08/15 7:0 p.m. | 59 views

Glibc DNS Resolver Vulnerability

A vulnerability in the GNU libc glibc DNS resolver allows remote code execution CVE-2015-7547. However, this issue can be exploited only from a DNS server that is under the control of an attacker. Ref 91886. This glibc issue is only exploitable by an attacker controlling the DNS server configured...

8.6 AI score | 0.89557 EPSS
Exploits: 17 | References: 1 | Affected Software: 1

Packet Storm
added 2016/08/11 12:0 a.m. | 61 views

Netcore Router Udp 53413 Backdoor

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Netcore Router Udp 53413 Backdoor', 'Description' = %q Routers manufactured by Netcore, a popular brand for networking equipmen...

7.4 AI score
Exploits: 0

exploitpack
added 2016/08/10 12:0 a.m. | 49 views

SAP SAPCAR - Multiple Vulnerabilities

SAP SAPCAR - Multiple Vulnerabilities 1. Advisory Information Title: SAP CAR Multiple Vulnerabilities Advisory ID: CORE-2016-0006 Advisory URL: http://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities Date published: 2016-08-09 Date of last update: 2016-08-09 Vendors contacted: SAP...

4.4 CVSS | 0.4 AI score | 0.02982 EPSS
Exploits: 6

Mozilla
added 2016/08/02 12:0 a.m. | 32 views

Use-after-free in DTLS during WebRTC session shutdown — Mozilla

Security researcher Looben Yang reported a use-after-free vulnerability in WebRTC. This occurs during WebRTC session shutdown when DTLS objects in memory are freed while still actively in use. This results in a potentially exploitable crash...

8.8 CVSS | 3.7 AI score | 0.03286 EPSS
Exploits: 1 | References: 2 | Affected Software: 2

Mozilla
added 2016/08/02 12:0 a.m. | 41 views

Stack underflow during 2D graphics rendering — Mozilla

Georg Koppen of the Tor Project used the Address Sanitizer tool to discover a stack buffer underflow when calculating clipping regions in 2D graphics. This results in a potentially exploitable crash...

8.8 CVSS | 2.9 AI score | 0.03091 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

Mozilla
added 2016/08/02 12:0 a.m. | 44 views

Crash in incremental garbage collection in JavaScript — Mozilla

Security researcher Jukka Jylänki reported a use-after-free in JavaScript caused by how objects and pointers are handled during incremental garbage collection in some circumstances working with object groups. When triggered, this causes a potential exploitable crash but is mitigated by the...

8.8 CVSS | 9 AI score | 0.02412 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Mozilla
added 2016/08/02 12:0 a.m. | 44 views

Use-after-free in service workers with nested sync events — Mozilla

Security researcher Looben Yang discovered a use-after-free vulnerability when working with nested sync event loops in Service Workers. He discovered a mechanism where scripts can close their own worker, which will then trigger a synchronization XMLHttpRequest on this now closed and released...

8.8 CVSS | 2.3 AI score | 0.03286 EPSS
Exploits: 1 | References: 2 | Affected Software: 2

Mozilla
added 2016/08/02 12:0 a.m. | 36 views

Use-after-free when using alt key and toplevel menus — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team reported a use-after-free vulnerability when the alt key is used in conjunction with toplevel menu items in Firefox. This results in a potentially exploitable crash when triggered. This vulnerability is mitigated by not...

9.8 CVSS | 1.7 AI score | 0.02977 EPSS
Exploits: 0 | References: 2 | Affected Software: 2