Lucene search

332 matches found

0day.today
added 2016/06/16 12:0 a.m., 46 views

ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass

Exploit for hardware platform in category web applications Title: ATCOM PBX system , auth bypass exploit Author: i-Hmx contact : email protected Home : sec4ever.com Tested on : ATCOM IP01 , IP08 , IP4G and ip2G4A Details The mentioned system is affected by auth bypass flaw that allow an attacker ...

7.1 AI score
Exploits 0
BDU FSTEC
added 2016/04/14 12:0 a.m., 4 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the Array.prototype.concat implementation in the Google Chrome browser engine’s V8 runtime arises due to buffer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure, or possibly have other effects such as reading beyond the memory limit, by...

9.3 CVSS, 8.2 AI score, 0.4811 EPSS
Exploits 1, References 5, Affected Software 1
BDU FSTEC
added 2016/03/17 12:0 a.m., 3 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability in the WebKit/Source/core/layout/LayoutBlock.cpp function of the Google Chrome browser’s Blink kernel exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause a service failure, the appearance of an “Assertion failure” window ...

9.3 CVSS, 7.7 AI score, 0.02121 EPSS
Exploits 0, References 5, Affected Software 1
ThreatPost
added 2016/01/29 3:13 p.m., 15 views

Data Theft Hole Identified in LG G3 Smartphones

A group of researchers are encouraging any smartphone users who own an LG G3 to upgrade their devices after coming across a serious security vulnerability. If exploited the bug could enable an attacker to run arbitrary JavaScript, and lead to a handful of issues, including data theft, phishing...

0.5 AI score
Exploits 0, References 1
BDU FSTEC
added 2015/10/06 12:0 a.m., 4 views

The vulnerability of Firefox and Firefox ESR browsers allows attackers to bypass existing access restrictions and perform a redirect to a specified URL.

The vulnerability of Firefox and Firefox ESR browsers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and perform a redirect to a specified URL using specially crafted JavaScript code...

4.3 CVSS, 7.7 AI score, 0.02732 EPSS
Exploits 0, References 3, Affected Software 2
BDU FSTEC
added 2015/10/06 12:0 a.m., 5 views

The vulnerability of the Firefox browser, which allows a hacker to gain access to protected information

The vulnerability of Firefox browsers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information through specially crafted JavaScript code that exploits errors in the configuration of...

4.3 CVSS, 7.8 AI score, 0.01771 EPSS
Exploits 1, References 5, Affected Software 1
0day.today
added 2014/09/05 12:0 a.m., 23 views

IP Board 3.x CSRF - Token hijacking Vulnerability

Usage Info Latest and probably previous IPB versions suffer from a vulnerability, which allows an attacker to steal the CSRF token of a specific user. The function which allows users to share forum links does not properly sanitize user input. The mentioned token is attached to the request as a GET parameter, so it's abl...

6.8 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 21 views

FlexCell Grid Control 5.6.9 - Remote File Overwrite Exploit

No description provided by source. HTML BODY b Author : Houssamix br/ br/ br/ FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit br/ ExportToXML is vuln to br/ b/ object id=hsmx classid=clsid:2A7D9CCE-211A-4654-9449-718F71ED9644/object SCRIPT / Report for Clsid:...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 12 views

MOD Guthabenhack 1.3 For Woltlab Burning Board SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8321/info MOD Guthabenhack For Woltlab Burning Board reported prone to an SQL injection vulnerability. It has been reported that MOD Guthabenhack fails to sufficiently sanitize user input. It has been reported that this m...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 16 views

PHPJabbers Post Comments 3.0 Cookie Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31467/info PHPJabbers Post Comments is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication. An attacker can exploit this...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 8 views

logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities

No description provided by source. Logoshows BBS 2.0 DD ZoRLu yildirimordulari.com - z0rlu.blogspot.com - turkguvenligi.info ref: http://www.milw0rm.com/exploits/9389 vuln: http://www.logoshows.com/bbs/database/globepersonnel.mdb Logoshows BBS 2.0 ICH yildirimordulari.com - z0rlu.blogspot.com -...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 24 views

Sagem Fast 3304-V2 - Authentication Bypass

No description provided by source. Title : Sagem F@st 3304-V2 Authentication Bypass Vendor : http://www.sagemcom.com Severity : High Tested on : Firefox, Google Chrome, Internet Explorer Tested Router : Sagem F@st 3304-V2 3304, 3464, 3504 may also be affected Date : 2014-09-04 Author : Yassine...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 16 views

Firebug 1.03 Rep.JS Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23349/info Firebug is prone to a script-code-injection vulnerability because it fails to adequately escape user-supplied data. An attacker can exploit this issue to execute arbitrary script code in the context of the...

6.7 AI score
Exploits 0
Exploit DB
added 2014/04/14 12:0 a.m., 28 views

Sagem Fast 3304-V2 - Authentication Bypass (1)

Title : Sagem F@st 3304-V2 Authentication Bypass Vendor : http://www.sagemcom.com Severity : High Tested on : Firefox, Google Chrome, Internet Explorer Tested Router : Sagem F@st 3304-V2 3304, 3464, 3504 may also be affected Date : 2014-09-04 Author : Yassine Aboukir Contact : [email protected]...

7 AI score
Exploits 0
ThreatPost
added 2013/09/23 1:57 p.m., 37 views

IE Zero Day Used in Targeted Attacks Against Japanese Firms

Attackers exploiting a zero-day vulnerability in Microsoft’s Internet Explorer browser have compromised several popular local Japanese media outlets and have infected systems belonging to government, high tech and manufacturing organizations in Japan. Researchers at FireEye said the attacks appea...

9.3 CVSS, 8.6 AI score, 0.99945 EPSS
Exploits 51, References 8
Packet Storm
added 2013/09/19 12:0 a.m., 44 views

McKesson Active-X 11.0.10.38 Enumeration

McKesson Rad Station ActiveX File/Variable Enumeration McKesson Rad Station File Enumeration This proof of concept will check if a file exists on the victim's machine or display the contents of an environmental variable. It uses the member OpenTextFile from DXVLauncherLib.McKLauncher and returns ...

7.4 AI score
Exploits 0
The Hacker News
added 2013/08/05 10:21 a.m., 14 views

FBI Used Firefox Exploit to Shutdown Illegal Site Running on Tor Network

TOR is the dark side of the Internet, the so-called dark web, which provides a safe haven to privacy advocates but is also where drugs, assassins for hire and other weird and illegal activities can allegedly be traded. A claimed zero-day vulnerability in Firefox 17 was used by the FBI to identify...

6.9 AI score
Exploits 0
The Hacker News
added 2013/08/04 11:21 p.m., 29 views

Firefox Zero-Day Exploit used by FBI to shutdown Child porn on Tor Network hosting; Tor Mail Compromised

TOR is the dark side of the Internet, the so-called dark web, which provides a safe haven to privacy advocates but is also where drugs, child pornography, assassins for hire and other weird and illegal activities can allegedly be traded. A claimed zero-day vulnerability in Firefox 17 was used by...

6.9 AI score
Exploits 0
seebug.org
added 2013/04/25 12:0 a.m., 21 views

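EspCMS Admin Login Bypass Vulnerability Re-exploitation (Re-exploited!)

Brief description: For the record, this vulnerability was submitted to the 360 vulnerability platform on 0413, and the vendor then fixed it on 0422. What is now being submitted to wooyun is a method that bypasses the vendor's fix, so exploitation continues. It can be considered an old vulnerability brought back from the dead and should not be counted as the same vulnerability submitted to two places; I hope the relevant parties can understand this, even though the code is very similar. Detailed description:...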

7.1 AI score
Exploits 0
exploitpack
added 2013/01/10 12:0 a.m., 41 views

Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP Bypass) (MS12-037)

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP Bypass MS12-037 function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free +=...

9.3 CVSS, 6.3 AI score, 0.64962 EPSS
Exploits 27