Lucene search
+L

141 matches found

NVD
NVD
added 2019/05/22 3:29 p.m.29 views

CVE-2019-12102

Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabsmedia.aspx URI. NOTE: The vendor disputes the report because the researcher did not configure the media library permissions...

9.1CVSS9.3AI score0.02157EPSS
Exploits0References4
CVE
CVE
added 2019/05/22 2:54 p.m.71 views

CVE-2019-12102

CVE-2019-12102 affects Kentico 11–12. The issue allows unauthenticated uploading and browsing of files via cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx. Root cause appears to be media library permissions/configuration, with vendor notes that by default all...

9.1CVSS9.1AI score0.02157EPSS
Exploits0References4Affected Software1
Kitploit
Kitploit
added 2019/02/13 9:12 p.m.136 views

Up (Ultimate Plumber) - Tool For Writing Linux Pipes With Instant Live Preview

up is the Ultimate Plumber , a tool for writing Linux pipes in a terminal-based UI interactively, with instant live preview of command results. The main goal of the Ultimate Plumber is to help interactively and incrementally explore textual data in Linux, by making it easier to quickly build...

7.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/10/12 3:25 p.m.27 views

Shining a Light on a New Technique for Stealth Persistence

Red teamers like myself and my team are driven by a desire to out-innovate the bad guys – to help the good guys. We study their methods, strive to think like they do, work to better understand attacker techniques and test our mettle against the spectrum of technologies in use today to find new wa...

0.4AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/05/03 1:52 p.m.16 views

Man Climbs Severn Bridge. Your office is twice as easy and half as scary

So you think no one would ever sneak into your business? Think Again. The man who climbed the Severn Bridge and broke into the Big Brother house seems to have method to his madness. Here’s why. When I describe Social Engineering to some I get a common response: “Yeah, but who would ever do that i...

6.7AI score
Exploits0
Fedora
Fedora
added 2018/03/28 11:51 p.m.11 views

[SECURITY] Fedora 27 Update: nmap-7.60-8.fc27

Nmap is a utility for network exploration or security auditing. It supports ping scanning determine which hosts are up, many port scanning techniques determine what services the hosts are offering, and TCP/IP fingerprinting remote host operating system identification. Nmap also offers flexible ta...

0.8AI score
Exploits0
pentestit
pentestit
added 2018/03/20 7:24 p.m.446 views

UPDATE: Nmap 7.70 Upgrade Available!

PenTestIT RSS Feed The first exciting Nmap release of 2018 is Nmap 7.70 with improved OS and service detection capabilities in addition to an improved Npcap 0.99-r2! None of us really need any introduction to this very popular “network mapper“ which now includes an additional 9 new NSE scripts!...

4.3CVSS6.1AI score0.09825EPSS
Exploits0
Kitploit
Kitploit
added 2017/10/20 1:11 p.m.15 views

objection - Runtime Mobile Exploration

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project's name quite literally explains the approach as well, whereby...

7.3AI score
Exploits0References3
GoogleProjectZero
GoogleProjectZero
added 2017/10/03 12:0 a.m.44 views

Over The Air - Vol. 2, Pt. 2: Exploiting The Wi-Fi Stack on Apple Devices

Posted by Gal Beniamini, Project Zero In this blog post we’ll continue our journey towards over-the-air exploitation of the iPhone, by means of Wi-Fi communication alone. This part of the research will focus on the firmware running on Broadcom’s Wi-Fi SoC present on the iPhone 7. We’ll begin by...

10CVSS9AI score0.09129EPSS
Exploits3
Openbugbounty
Openbugbounty
added 2017/06/02 9:46 p.m.9 views

longview.explore-wyoming.us XSS vulnerability

Vulnerable URL: http://longview.explore-wyoming.us/profile/Demographicsbyzipcode.asp?zipcode=%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 29.07.2017 Latest check for patch:| 29.07.2017 19:29 GMT Vulnerability type:| XSS Vulnerability status:| Publicl...

6.2AI score
Exploits0
hackapp
hackapp
added 2017/03/12 2:53 p.m.12 views

Survival Craft: Exploration - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Survival Craft: Exploration published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
n0where
n0where
added 2016/06/16 2:53 a.m.82 views

Capture Windows Kernel Activity: Fibratus

Capture Windows Kernel Activity: Fibratus Tool for exploration and tracing of the Windows kernel Fibratus is a tool which is able to capture the most of the Windows kernel activity – process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and mu...

Exploits0References2
myhack58
myhack58
added 2016/04/14 12:0 a.m.147 views

Tools recommended: Scanner Routerhunter, the router vulnerability scanner-vulnerability warning-the black bar safety net

! 0×0 0 Preface We will introduce a Automatic mining router vulnerability test tools, it can be automated on the Internet a wide range of search contains a vulnerability in the routing test, further confirmed these vulnerabilities, which relates to the D-link multiple router. The tool is using...

7.8AI score
Exploits0
hackapp
hackapp
added 2016/04/03 7:30 a.m.16 views

Exploration Lite - Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Exploration Lite published at the 'play' market has multiple vulnerabilities...

Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:45 a.m.10 views

World Craft 2: Exploration - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application World Craft 2: Exploration published at the 'play' market has multiple vulnerabilities...

1.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:44 a.m.12 views

Crafty World Exploration - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Crafty World Exploration published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2016/03/17 10:19 p.m.40 views

Ruby-Nmap - A Rubyful interface to the Nmap exploration tool and security / port scanner

A Ruby interface to nmap , the exploration tool and security / port scanner. Features Provides a Ruby interface for running nmap. Provides a Parser for enumerating nmap XML scan files. Examples Run Nmap from Ruby: require 'nmap/program' Nmap::Program.scan do |nmap| nmap.synscan = true...

7.3AI score
Exploits0References2
Packet Storm
Packet Storm
added 2015/09/18 12:0 a.m.70 views

iBooking CMS SQL Injection

VENTOR: www.ibooking.com.br Vulnerable versions: ALL File: filtrofaixaetaria.php Parameter: idPousadaGET DORK: intext:"Desenvolvido por ibooking" Reported: 15/10/2015 --------------------------------------------------------------------------------- AUTOR: Cleiton Pinheiro / Nick: googleINURL EMAI...

0.2AI score
Exploits0
Kitploit
Kitploit
added 2014/08/26 2:2 p.m.34 views

Nmap 6.47 - Free Security Scanner For Network Exploration & Security Audits

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols UDP, TCP, ICMP, etc...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2014/06/09 1:26 p.m.14 views

Snoopy - A distributed tracking and data interception framework

Snoopy is a distributed tracking and profiling framework which can perform interesting tracking and profiling of mobile users through the use of WiFi. There have been recent initiatives from numerous governments to legalise the monitoring of citizens’ Internet based communications web sites...

7.7AI score
Exploits0References1
Rows per page
Query Builder