S9Y Serendipity 2.0.4 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications ======================================== Title: Serendipity-2.0.4 latest version - Stored Cross Site Scripting Application: Serendipity Class: Sensitive Information disclosure Versions Affected: alert'Meryem ExploitDB' HTTP Request POST...
S9Y Serendipity 2.0.4 - Cross-Site Scripting
======================================== Title: Serendipity-2.0.4 latest version - Stored Cross Site Scripting Application: Serendipity Class: Sensitive Information disclosure Versions Affected: alert'Meryem ExploitDB' HTTP Request POST /serendipity/serendipityadmin.php? HTTP/1.1 Host: sitename...
Zenbership 107 Cross Site Request Forgery / Cross Site Scripting
ADVISORY INFORMATION ======================================== Title: Zenbership latest version - Multiple Vulnerabilities Application: Zenbership Class: Sensitive Information disclosure Versions Affected: alert'ExploitDB' HTTP Request POST /zenbership/pp-functions/formprocess.php HTTP/1.1 Host:...
ColoradoFTP Server <= 1.3 Directory Traversal Vulnerability - Active Check
ColoradoFTP server is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Wireshark 2.0.0 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 2.0.4 - CORBA IDL Dissectors Denial of Service GIOP capture Build Information: Version 2.0.3 v2.0.3-0-geed34f0 from master-2.0 Copyright 1998-2016 Gerald Combs and contributors. License GPLv2+: GNU GPL version 2 or later This is free software; see the source for copying conditions...
Wireshark 1.12.0 1.12.12 2.0.0 2.0.4 - WSP Dissector Denial of Service
Wireshark 1.12.0 1.12.12 2.0.0 2.0.4 - WSP Dissector Denial of Service Sample generated with AFL Build Information: TShark Wireshark 2.0.4 Copyright 1998-2016 Gerald Combs and contributors. License GPLv2+: GNU GPL version 2 or later This is free software; see the source for copying conditions...
CoolPlayer+ Portable 2.19.6 - '.m3u' Stack Overflow (Egghunter + ASLR Bypass)
Exploit for windows platform in category local exploits Exploit Title: CoolPlayer+ Portable build 2.19.6 - .m3u Stack Overflow Egghunter+ASLR bypass Exploit Author: Karn Ganeshen Download link:...
CoolPlayer+ Portable 2.19.6 - .m3u File Stack Overflow (Egghunter + ASLR Bypass)
CoolPlayer+ Portable 2.19.6 - .m3u File Stack Overflow Egghunter + ASLR Bypass Exploit Title: CoolPlayer+ Portable build 2.19.6 - .m3u Stack Overflow Egghunter+ASLR bypass Exploit Author: Karn Ganeshen Download link:...
TFTP Server 1.4 - WRQ Remote Buffer Overflow (Egghunter)
TFTP Server 1.4 - WRQ Remote Buffer Overflow Egghunter Exploit Title: TFTP Server 1.4 - WRQ Buffer Overflow Exploit Egghunter Exploit Author: Karn Ganeshen Vendor Homepage: http://sourceforge.net/projects/tftp-server/ Version: 1.4 Tested on: Windows Vista SP2 Coded this for Vista Ultimate, Servic...
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (1)
Application: Adobe Acrobat Reader DC Platforms: Windows,OSX Versions: 15.016.20045 and earlier Author: Sébastien Morin and Pier-Luc Maltais of COSIG Website: https://cosig.gouv.qc.ca/en/advisory/ Twitter: @COSIG Date: July 12, 2016 CVE: CVE-2016-4205 COSIG-2016-30 1 Introduction 2 Report Timeline...
Option CloudGate Insecure Direct Object References And XSS Vulnerabilities
Option CloudGate is prone to cross site scripting and insecure direct object reference authorization bypass vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Wireshark - erf_meta_read_tag SIGSEGV
Wireshark - erf_meta_read_tag SIGSEGV Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=803 The following SIGSEGV crash due to an invalid memory read can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr...
Adobe Flash - Heap Overflow in ATF Processing Image Reading
Adobe Flash - Heap Overflow in ATF Processing Image Reading Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=789 There is a large heap overflow in reading an ATF image to a Bitmap object. To reproduce the issue, load the attach file '4' using LoadImage.swf as follows:...
Windows kernel Vulnerability CVE-2016-0143 analysis-vulnerability warning-the black bar safety net
4 on 20 March, Nils Sommer published a new Windows kernel vulnerability PoC on exploitdb. The vulnerability affects all versions of the Windows operating system, and an attacker who exploits it successfully gains privilege escalation. Microsoft in 4, on patch day, fixed the vulnerability. 0×01...
PCMan FTP Server 2.0.7 - RENAME Remote Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - RENAME Remote Buffer Overflow Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Original Exploit Information Date: 29 Aug 2015 Exploit Author: Koby Tested on: Windows XP SP3 Link:...
Microsoft Excel - Out-of-Bounds Read Code Execution (MS16-042)
Title: Microsoft Office Excel Out-of-Bounds Read Remote Code Execution Application: Microsoft Office Excel Affected Products: Microsoft Office Excel 2007,2010,2013,2016 Software Link: https://products.office.com/en-ca/excel Date: April 12, 2016 CVE: CVE-2016-0122 MS16-042 Author: Sébastien Morin...
Adobe Flash - Zlib Codec Heap Overflow
Adobe Flash - Zlib Codec Heap Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=720 There is a heap overflow in the Zlib codecs used when playing flv files in flash. Sample flv files are attached. Load http://127.0.0.1/LoadMP42.swf?file=smalloverflow.flv to reproduce. Pro...
Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=715 The ActionScript parameter conversion in the fix for issue 403 https://code.google.com/p/google-security-research/issues/detail?id=403 can sometimes access a parameter on the native stack that is uninitialized. If: mc.swapDepth...
PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash (PoC)
PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash PoC Exploit Title: PictureTrail Photo Editor GE.exe 2.00 - ./bmp Crash PoC Date: 01-03-2016 Exploit Author: redknight99 Vendor Homepage: http://www.picturetrail.com/ Software Link: http://www.picturetrail.com/downloads/photoeditor200.exe Versio...
PotPlayer 1.6.5x - '.mp3' Crash (PoC)
Exploit for windows platform in category dos / poc Exploit Title: POTPLAYER 1.6.5x MP3 CRASH POC Date: 08-02-2016 Exploit Author: Shantanu Khandelwal Vendor Homepage: https://potplayer.daum.net/ Software Link: 32-Bit http://get.daum.net/PotPlayer/v3/PotPlayerSetup.exe Software Link: 64-Bit...