28 matches found
EUVD-2008-6956
Malware in sbrugna...
EUVD-2019-15215
Malware in sbrugna...
eClass LMS 6.2.0 Shell Upload
==================================================================================================================================== | Title : eClass LMS v6.2.0 shell upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendo...
TAIF LMS 5.8.0 Shell Upload
==================================================================================================================================== | Title : TAIF LMS v5.8.0 shell upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor ...
CVE-2023-38817
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...
Code injection
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...
Inspect Element Echo.ac Security Vulnerability
Inspect Element Echo.ac is an application from Inspect Element, Inc. A security vulnerability exists in Inspect Element Echo.ac prior to version v.5.2.1.0, which stems from a vulnerability that allows a local attacker to gain privileges via the echodriver.sys component using a crafted command...
CVE-2023-38817
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...
PT-2023-26610 · Inspect Element · Echo.Ac
Name of the Vulnerable Software and Affected Versions: Inspect Element Ltd Echo.ac version 5.2.1.0 Description: An issue in Inspect Element Ltd Echo.ac allows a local attacker to gain privileges via a crafted command to the echo driver.sys component. This issue has been reportedly used by various...
CVE-2023-38817
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...
CVE-2023-38817
CVE-2023-38817 concerns Inspect Element Ltd Echo.ac v5.2.1.0. Red Hat and other sources confirm a local privilege escalation via a crafted command to the echo_driver.sys component, enabling a user to gain privileges (NT AUTHORITY\SYSTEM). The issue’s root cause is a problematic interaction with e...
CVE-2019-5641
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user...
CVE-2019-5641 Rapid7 InsightVM Information Disclosure after Logout
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user...
Rapid7 InsightVM 代码问题漏洞
Rapid7 InsightVM is a vulnerability scanning and management application from Rapid7 USA. A security vulnerability exists in Rapid7 InsightVM that stems from the presence of an information disclosure issue that allows an attacker to use the Inspect Element browser feature to delete the login panel...
Bazaar Web PHP Social Listings Shell Upload Vulnerability
-- Exploit Title: Bazaar Web PHP Social Listings Arbitrary File Upload Exploit Author: Sohel Yousef - email protected Software Link: https://codecanyon.net/item/bazaar-social-listing-shopping-web-php-template/23207913 Software Demo :https://xserver.app/apps/bazaar-web/index.php Category: webapps ...
CVE-2019-5640
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...
Design/Logic Flaw
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...
PT-2021-9120 · Rapid7 · Rapid7 Nexpose
Name of the Vulnerable Software and Affected Versions: Rapid7 Nexpose versions prior to 6.6.114 Description: The issue allows an attacker to expose information when a user's session has ended due to inactivity. By using the inspect element browser feature, an attacker can remove the login panel a...
h1-ctf: Hacky Holidays Writeup
On December 12th, 2020, the CTF became live and the scope that we are allowed to attack was In Scope Domain - hackyholidays.h1ctf.com Our main motive was to infiltrate his network and take him down. The challenges appeared one by one till 24th of December. Here we will be going through all the...
Ian Dunn: Path Disclosure Vulnerability
Hey , I'm Jamal in this report i want to show you a Vulnerability Found It In basic-google-maps-placemarks Pugin Description: Title : Path Disclosure Vulnerability Status : Unfixed Tested on : Firefox Author : Jamal Eddine Email : [email protected] Discovered : 2014/05/04 Report it : 2014/05/04...