EUVD-1999-1254

Malware in sbrugna...

EUVD-2017-17037

Malware in sbrugna...

Code injection

rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences %2f..%2f in the path parameter to view arbitrary files on the system...

Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption Exploit

Title: Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption Author: hyp3rlinx Vendor: CVE: CVE-2020-6857 import time, string, sys, argparse, os, codecs Fixed: updated for Python 3, the hex decode function was not working in Python 3 version. This should be compatible for Python 2 and ...

Design/Logic Flaw

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...

CVE-2017-8074

TP-Link TL-SG108E (1.0) is affected by CVE-2017-8074. A remote attacker could retrieve credentials from the SEND data log lines where passwords are encoded in hexadecimal, impacting firmware version 1.1.2 Build 20141017 Rel.50749. Documented impact includes unauthorized disclosure of credentials ...

x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version

x8664 Linux shellreversetcp with Password - Polymorphic Version. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version 122 bytes...

PT-2000-1070 · Microsoft · Hotmail

Name of the Vulnerable Software and Affected Versions: Hotmail affected versions not specified Description: The issue concerns the improper filtering of JavaScript code from a user's mailbox. This allows a remote attacker to execute JavaScript code by using hexadecimal codes to specify the...