CVE-2018-5384 Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection

Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. If successfully exploited the user can get info from the underlying postgresql database that could lead into to total compromise of the product. The said script is available...

CVE-2018-5386

CVE-2018-5386 affects Navarino Infinity web interface (up to version 2.2). The vulnerability allows a remote attacker to bypass authentication by exploiting functions placed in the URL, leading to an information leak. According to the NVD entry, the CVSS-3.0 base score is 7.5 (HIGH) with network ...

CVE-2018-5384

CVE-2018-5384 affects Navarino Infinity web interface up to version 2.2. The vulnerability is an unauthenticated, blind SQL injection in a exposed script, enabling an attacker to query the underlying PostgreSQL database and potentially achieve total compromise of the product. The CVE is documente...

CVE-2018-5385

CVE-2018-5385 affects Navarino Infinity web interface (up to version 2.2). The vulnerability arises from accepting the session ID as a GET parameter, enabling session fixation that can bypass two-factor authentication in some installations, with potential phishing implications. The linked sources...

Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow

Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow Exploit Title: Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 Date: 14-12-2017 Exploit Author: Maurice Heumann Contact: https://twitter.com/momo5502?lang=en Website: https://momo5502.co...

Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits Exploit Title: Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 Exploit Author: Maurice Heumann Contact: https://twitter.com/momo5502?lang=en Website: https://momo5502.com/ CVE: CVE-2018-10718 Category:...

Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow

Exploit Title: Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 Date: 14-12-2017 Exploit Author: Maurice Heumann Contact: https://twitter.com/momo5502?lang=en Website: https://momo5502.com/ CVE: CVE-2018-10718 Category: webapps 1. Description By sending a...

Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/classifieds-multipurpose-portal-infinity-market/16572285?srank=1520 Version: 1.6.2 Tested...

Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery

Exploit Title: Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery Date: 2018-05-18 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/classifieds-multipurpose-portal-infinity-market/16572285?srank=1520 Version: 1.6.2 Tested on: Kali linux Description : CSRF...

CVE-2018-10718

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets...

CVE-2018-10718

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets...

CVE-2018-10718

The CVE-2018-10718 vulnerability affects Activision Blizzard Infinity Ward Call of Duty: Modern Warfare 2 (pre-2018-04-26). Description: a stack-based buffer overflow in the game allows remote attackers to execute arbitrary code by sending crafted network packets. Technical details across connect...

Navarino Infinity Session Fixation Vulnerability

Navarino Infinity is a maritime bandwidth management and optimization solution from Navarino Greece. The solution can be used to equip many types of vessels. A session fixation vulnerability exists in Navarino Infinity version 2.1.7. A remote attacker can exploit this vulnerability to hijack...

Navarino Infinity SQL Injection Vulnerability

Navarino Infinity is a maritime bandwidth management and optimization solution from Navarino Greece. The solution can be used to equip many types of vessels. A SQL injection vulnerability exists in Navarino Infinity version 2.1.7. A remote attacker could exploit the vulnerability to inject SQL...

Navarino Infinity Security Bypass Vulnerability

Navarino Infinity is a maritime bandwidth management and optimization solution from Navarino Greece. The solution can be used to equip many types of vessels. A security vulnerability exists in Navarino Infinity version 2.1.7. A remote attacker could exploit the vulnerability to bypass the...

Navarino Infinity web interface is affected by multiple vulnerabilities.

Overview Navarino Infinity web interface up to version 2.2 is affected by multiple vulnerabilities. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2018-5384| Navarino Infinity exposes an unauthenticated script that is prone to blind sq...

Navarino Infinity Blind SQL Injection / Session Fixation

There is also a blog post about that on: https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3 Vulnerability Security Advisory ======================================================================= title: Multiple vulnerabilities product: All Navarino infinity products...

EulerOS 2.0 SP1 : libsndfile (EulerOS-SA-2017-1243)

According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure,...

EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2017-1244)

According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure,...

CVE-2017-14246

An out of bounds read in the function d2ulawarray in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values...