Oracle Linux 7 : libsoup (ELSA-2024-9654)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9654 advisory. 2.62.2-2.0.1 - Fixed CVE-2024-52530 for smuggling nullbytes in header names Orabug: 37289659 Tenable has extracted the preceding description block directly from...

NullSection - An Anti-Reversing Tool That Applies A Technique That Overwrites The Section Header With Nullbytes

NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes. Install git clone https://github.com/MatheuZSecurity/NullSection cd NullSection gcc nullsection.c -o nullsection ./nullsection Advantage When running nullsection on any ELF, it could ...

Automattic: Multiple File Manipulation bugs in WP Super Cache

Summary I got redirected to report the vulnerabilities here by Brandon Kraft one of your developers, so I am reporting them here. Basically, the issue is caused because of insufficient filtering there is one but it can be bypassed For instance, in /wp-cache.php, you used: 1575: $page =...

Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes)

BITS 64 ; reverse ip6 tcp shell ; size = 113 bytes depends of ip addr, default is ::1 ; nullbytes free depends only on ip addr, ; you could always and the ip add to remove ; the nulls like i did with the port ; it sleeps and then tries to recconect default 3 seconds ; ;shell =...

Internet Explorer 9 XSS Filter Bypass

No description provided by source. Internet Explorer 9 XSS Filter Bypass Discovered by: Jean Pascal Pereira [email protected] Vendor information: Internet Explorer formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE is a series of graphical web...

Microsoft Internet Explorer 9 - Cross-Site Scripting Filter Bypass

Microsoft Internet Explorer 9 - Cross-Site Scripting Filter Bypass Internet Explorer 9 XSS Filter Bypass Discovered by: Jean Pascal Pereira Vendor information: "Internet Explorer formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE is a series of...

Internet Explorer 9 XSS Filter Bypass

Exploit for windows platform in category dos / poc Internet Explorer 9 XSS Filter Bypass Discovered by: Jean Pascal Pereira Vendor information: "Internet Explorer formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE is a series of graphical web...

Homepages Admin (index.php) => Auth Bypass Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Mantis Bug Tracker 1.2.3 - db_type Local File Inclusion

Mantis Bug Tracker 1.2.3 - dbtype Local File Inclusion MantisBT library/adodb/adodb.inc.php ... 4109: 4110: $file = ADODBDIR."/drivers/adodb-".$db.".inc.php"; 4111: @includeonce$file; ... ==================================================================================== Tested on: Microsoft...