2153 matches found
JVN#95423049: The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries
Content Manager Assistant for PlayStation provided by Sony Interactive Entertainment Inc. is a data transfer tool. The installer of Content Manager Assistant for PlayStation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact...
[SECURITY] Fedora 26 Update: mupdf-1.11-9.fc26
MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...
Microsoft Windows Kernel CVE-2017-11851 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
BOHEMIA INTERACTIVE a.s.: IDOR to view User Order Information
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Description: There is a...
interactive.eda.admin.ch XSS vulnerability
Open Bug Bounty ID: OBB-392885 Description| Value ---|--- Affected Website:| interactive.eda.admin.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...
Blue River Interactive Mura CMS XML External Entity Injection Vulnerability
Blue River Interactive Mura CMS is the United States Blue River Interactive company's set of CFML-based open source content management system CMS. The system supports user rights management , customizable templates and layouts , plug-in extensions and so on. A security vulnerability exists in the...
Fastest and Most Advanced Password Recovery Utility: Hashcat
hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enab...
interactive.fr XSS vulnerability
Open Bug Bounty ID: OBB-363913 Description| Value ---|--- Affected Website:| interactive.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Command Shell, Bind TCP (via python)
Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Sessions::CommandShellOptions def initializeinfo =...
CVE-2017-14331
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
Authentication flaw
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
CVE-2017-14331
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
CVE-2017-14331
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
CVE-2017-14331
Summary (CVE-2017-14331): Extreme EXOS 16.x, 21.x and 22.x have a vulnerability where the “exsh restricted shell” protection can be bypassed, allowing an interactive shell. The affected software is Extreme EXOS; the root cause is bypassing the restricted-shell mechanism. The CVSS data (NVD) indic...
Extreme EXOS Security Bypass Vulnerability
Extreme EXOS is a new generation modular switch operating system from Extreme Networks. A security bypass vulnerability exists in Extreme EXOS versions 16.x, 21.x, and 22.x. The vulnerability can be exploited to bypass the 'exsh restricted shell' protection mechanism and gain access to the...
Career Portal 1.0 SQL Injection
Exploit Title: Career Portal v1.0 - SQL Injection Date: 2017-10-17 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/item/career-portal-online-job-search-script/20767278 Software Link: https://codecanyon.net/item/career-portal-online-job-search-script/20767278 Version: 1.0 Tested on...
Career Portal 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Career Portal v1.0 - SQL Injection Date: 2017-10-17 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/item/career-portal-online-job-search-script/20767278 Software Link:...
Career Portal 1.0 - SQL Injection
Exploit Title: Career Portal v1.0 - SQL Injection Date: 2017-10-17 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/item/career-portal-online-job-search-script/20767278 Software Link: https://codecanyon.net/item/career-portal-online-job-search-script/20767278 Version: 1.0 Tested on...
Career Portal 1.0 - SQL Injection
Career Portal 1.0 - SQL Injection Exploit Title: Career Portal v1.0 - SQL Injection Date: 2017-10-17 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/item/career-portal-online-job-search-script/20767278 Software Link:...