Zenbuster - Multi-threaded URL Enumeration/Brute-Forcing Tool

ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin @0xTas. I wrote this tool as a way to deepen my familiarity with Python, and to help increase my understanding of Cybersecurity tooling in general. ZenBuster may not be the fastest or most...

Phraseanet 4.0.7 - Cross-Site Scripting

Phraseanet 4.0.7 - Cross-Site Scripting Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected:...

Phraseanet < 4.0.7 - Cross-Site Scripting

Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected: 4.0.3 4.0.4-dev and below Version fixed:...

Phraseanet < 4.0.7 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected:...

Phraseanet DAM Cross Site Scripting

Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected: 4.0.3 4.0.4-dev and below Version fixed:...

Chamilo LMS 1.9.10 /main/calendar/agenda_list.php 跨站脚本漏洞

I. Overview ======================================================== Chamilo LMS 1.9.10 or prior versions are prone to a multiple Cross-Site Scripting Stored + Reflected & CSRF vulnerabilities. These vulnerabilities allows an attacker to gain control over valid user accounts in LMS, perform...

Chamilo LMS 1.9.10 - Multiple Vulnerabilities

Exploit for php platform in category web applications I. Overview ======================================================== Chamilo LMS 1.9.10 or prior versions are prone to a multiple Cross-Site Scripting Stored + Reflected & CSRF vulnerabilities. These vulnerabilities allows an attacker to gain...

Chamilo LMS 1.9.10 - Multiple Vulnerabilities

I. Overview ======================================================== Chamilo LMS 1.9.10 or prior versions are prone to a multiple Cross-Site Scripting Stored + Reflected & CSRF vulnerabilities. These vulnerabilities allows an attacker to gain control over valid user accounts in LMS, perform...

Chamilo LMS 1.9.10 - Multiple Vulnerabilities

Chamilo LMS 1.9.10 - Multiple Vulnerabilities I. Overview ======================================================== Chamilo LMS 1.9.10 or prior versions are prone to a multiple Cross-Site Scripting Stored + Reflected & CSRF vulnerabilities. These vulnerabilities allows an attacker to gain control...

Anonymous Offline File-Sharing and Communications System: PirateBox

PirateBox creates offline wireless networks designed for anonymous file sharing, chatting, message boarding, and media streaming. You can think of it as your very own portable offline Internet in a box! When users join the PirateBox wireless network and open a web browser, they are automatically...

Scientific Linux Security Update : lftp on SL5.x i386/x86_64

CVE-2007-2348 lftp mirror --script does not escape names and targets of symbolic links It was discovered that lftp did not properly escape shell metacharacters when generating shell scripts using the 'mirror --script' command. A mirroring script generated to download files from a malicious FTP...

CentOS 5 : lftp (CESA-2009:1278)

An updated lftp package that fixes one security issue and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. LFTP is a sophisticated file transfer program for the FTP and HTTP protocols. Lik...

lftp security update

CentOS Errata and Security Advisory CESA-2009:1278 An updated lftp package that fixes one security issue and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. LFTP is a sophisticated file...

Low: Red Hat Security Advisory: lftp security and bug fix update

An updated lftp package that fixes one security issue and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. LFTP is a sophisticated file transfer program for the FTP and HTTP protocols. Lik...