5019 matches found
Storefront - Enable Return to Last Folder
Enable return to last folder...
Icecream Apps Insecure File Permissions / Privilege Escalation
Exploit Title: Multiple Icecream Apps Local Privilege Escalation Date: 13/09/2016 Exploit Author: Tulpa Contact: [email protected] Author website: www.tulpa-security.com Vendor Homepage: icecreamapps.com Software Versions Affected: Icecream Ebook Reader 4.21 | Icecream Screen Recorder 4.21...
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation Exploit Title: Battle.Net 1.5.0.7963 Local Privilege Escalation Date: 11/09/2016 Exploit Author: Tulpa Contact: [email protected] Author website: www.tulpa-security.com Vendor Homepage: www.battle.net Software Link:...
Battle.Net 1.5.0.7963 Privilege Escalation
Exploit Title: Battle.Net 1.5.0.7963 Local Privilege Escalation Date: 11/09/2016 Exploit Author: Tulpa Contact: [email protected] Author website: www.tulpa-security.com Vendor Homepage: www.battle.net Software Link: https://eu.battle.net/account/download/ Version: Version 1.5.0.7963 Tested...
Repetitive SMB Rename Command Attempts
Ransomware accesses shared folders in order to encrypt files. Successful exploitation might lead to loss of sensitive data...
UBUNTU-CVE-2016-7162
The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive...
Ransomware Shared Folder Access
Ransomware accesses shared folders in order to encrypt files. Successful exploitation might lead to loss of sensitive data...
LHF (Low Hanging Fruit) - A Modular Recon Tool For Pentesting
To install dependencies: ./Install.sh To start: ./LHF.py + Checking permissions - Rockyou wordlist is missing trying to decompress... + Rockyou wordlist is decompressed! - Please enter the ip to scan example 192.168.0.1 or www.target.com : A "results" folder will be created after inputting the...
A Modular Recon Tool: RECON
Low Hanging Fruit: a Modular Recon Tool for Penetration Testing Reconnaissance is the absolute most important step in a penetration test. A good recon of the target could net you some vital information and low hanging fruit. Thus RECON was created. A set and forget type of recon scanner. No need ...
nitroslider,1.0.0
nitroslider,1.0.0 open folder permissions update to 1.0.1 update notice: https://www.themechoice.com/joomla-extensions/nitro-layer-slider...
Code injection
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors...
PHP Power Browse 1.2 Path Traversal
Exploit Title: PHP Power Browse v1.2 - Path Traversal Google Dork: intitle:PHP Power Browse inurl:browse.php Exploit Author: Manuel Mancera sinkmanu | sinkmanu at gmail dot com Software URL: https://github.com/arzynik/PHPPowerBrowse Version: 1.2 Vulnerability Type : Path traversal Severity : High...
User Download Folder Files
Nessus was able to generate a report of all files listed in the default user download folder. (C) Tenable Network Security, Inc. include("compat.inc"); if (!defined_func("nasl_level") || nasl_level() < 5200) exit(0, "Not Nessus 5.2+"); if (description) { script_id(92434); script_version("1.5"); script_cvs_date("Date: 2018/05/...
InstantHMI 6.1 - Privilege Escalation
Exploit for windows platform in category local exploits Title: InstantHMI - EoP: User to ADMIN CWE Class: CWE-276: Incorrect Default Permissions Date: 01/06/2016 Vendor: Software Horizons Product: InstantHMI Version: 6.1 Download link: http://www.instanthmi.com/ihmisoftware.htm Tested on: Windows...
Linux Home Folder Accessible (HTTP)
The script attempts to identify files of a Linux home folder accessible at the webserver. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-late...
The vulnerability of the Firefox browser allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in the maintenanceinstaller.exe installer for Mozilla Firefox allows local users to elevate their privileges by placing a Trojan DLL file in the temporary folder during the update process...
The vulnerability in the Firefox ESR software allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in the maintenanceinstaller.exe installer of Mozilla Firefox ESR allows local users to elevate their privileges by placing a Trojan DLL file in the temporary folder during the update process...
Veris: Email spoofing in [email protected]
Hey, I've found email spoofing vulnerability in [email protected] Issue: ======== When I try to send a fake email from [email protected] to my email [email protected] I was successful in sending a fake email to my inbox, this is an issue; because, fake mails should be sent into the 'spam' folde...
SSH Key Persistence
This module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sshkey' class MetasploitModule 'SSH Key Persistence',...
Nextcloud: Uploading files to a folder where invited user don't have any EDIT privilege
Hi, Any invited user to a shared folder with no edit privilege can create files in it through copy feature of Nextcloud android app. Steps to reproduce it + Create any folder and invite a user in it without any edit privilege. + Now login from invited user account through android app. + Copy any...