570 matches found

Packet Storm
added 2017/04/07 12:00 a.m., 60 views

MyBB 1.8.10 Server-Side Request Forgery

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Server Side Request Forgery SSRF Vulnerability product: MyBB vulnerable version: 1.8.10 fixed version: 1.8.11 CVE number: CVE-2017-7566 impact: Medium homepage:...

0.7 AI score, 0.00563 EPSS
Exploits: 2

Packet Storm
added 2017/04/04 12:00 a.m., 52 views

Tweek!DM Document Management Bypass / SQL Injection

https://www.osisecurity.com.au/tweekdm-document-management-authentication-bypass-sql-injection-vulnerabilities.html Date: 04-Apr-2017 Product: Tweek!DM Document Management Versions affected: Unknown Vulnerabilities: 1 Authentication bypass - the software sends a 301 Location redirect back to the...

0.4 AI score
Exploits: 0

Packet Storm
added 2017/04/04 12:00 a.m., 53 views

SilverStripe CMS 3.1.9 Path Disclosure

https://www.osisecurity.com.au/silverstripe-cms---path-disclosure.html Date: 04-Apr-2017 Product: SilverStripe CMS Versions affected: 3.1.9 and below. Vulnerability: Path disclosure. Example URL: http://target/dev/build/ Path reported: /home/target/publichtml/framework/dev/DebugView.php...

7.4 AI score
Exploits: 0

0day.today
added 2017/03/16 12:00 a.m., 34 views

Steam Profile Integration 2.0.11 - SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: IPS Community Suite - Steam Profile Integration 2.0.11 and below SQL injection Google Dork: inurl:tab=nodesteamsteamprofile Date: 13/03/2017 Exploit Author: DrWhat Vendor Homepage:...

7.1 AI score
Exploits: 0

UbuntuCve
added 2016/12/13 8:59 p.m., 17 views

CVE-2016-7944

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INTMAX, which triggers the client to stop reading data and get out of sync...

9.8 CVSS, 7.2 AI score, 0.00601 EPSS
Exploits: 0, References: 4

0day.today
added 2016/11/14 12:00 a.m., 26 views

ATutor 2.2.2 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: ATutor2.2.2 Learning Management System Cross-Site Request Forgery Add New Course Date: 13-11-2016 Software Link: https://github.com/atutor/ATutor/releases/tag/atutor222 Vendor: http://www.atutor.ca/ Exploit Author: Saravana Kuma...

7.1 AI score
Exploits: 0

Exploit DB
added 2016/11/13 12:00 a.m., 29 views

ATutor 2.2.2 - Cross-Site Request Forgery (Add New Course)

Exploit Title: ATutor2.2.2 Learning Management System Cross-Site Request Forgery Add New Course Date: 13-11-2016 Software Link: https://github.com/atutor/ATutor/releases/tag/atutor222 Vendor: http://www.atutor.ca/ Exploit Author: Saravana Kumar Contact: https://facebook.com/06saravanakumar...

7.4 AI score
Exploits: 0

Packet Storm
added 2016/09/28 12:00 a.m., 36 views

FreePBX Remote Command Execution

Title : Freepbx =begin Freepbx 13.x are vulnerable to Remote command execution due to the insufficient sanitization of the user input fields language,destination and also due to the lack of good authentication checking Technical details Vulnerable file :...

0.1 AI score
Exploits: 0

Packet Storm
added 2016/08/12 12:00 a.m., 51 views

Zabbix 3.0.3 SQL Injection

========================================== Title: Zabbix 3.0.3 SQL Injection Vulnerability Product: Zabbix Vulnerable Versions: 2.2.x, 3.0.x Fixed Version: 3.0.4 Homepage: http://www.zabbix.com Patch link: https://support.zabbix.com/browse/ZBX-11023 Credit: 1N3@CrowdShield...

Exploits: 0

Packet Storm
added 2016/05/17 12:00 a.m., 28 views

WSO2 SOA Enablement Server Cross Site Scripting

Title: WSO2 SOA Enablement Server - Reflected Cross-Site Scripting Authors: Jakub Pałaczyński, Łukasz Juszczyk Date: 08. April 2016 Affected Software: ============= WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616 Probably other versions are also vulnerable. Proof of Concept:...

0.00236 EPSS
Exploits: 2

0day.today
added 2016/02/08 12:00 a.m., 43 views

WordPress User Frontend Plugin < 2.3.11 - Unrestricted Arbitrary File Upload

Exploit for php platform in category web applications ''' Exploit Title: WordPress WP User Frontend Plugin Unrestricted File Upload Discovery Date: 2016-02-04 Public Disclosure: 2016-02-08 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: https://wedevs.c...

7.1 AI score
Exploits: 0

Exploit DB
added 2015/07/02 12:00 a.m., 28 views

WordPress Plugin Albo Pretorio Online 3.2 - Multiple Vulnerabilities

Exploit Title: Albo Pretorio Online 3.2 Multiple Vulnerabilities Google Dork: inurl:/?action=visatto Date: 09/06/2015 Exploit Author: Alessandro Cingolani Vendor Homepage: http://plugin.sisviluppo.info/ Software Link: https://downloads.wordpress.org/plugin/albo-pretorio-on-line.3.2.zip Version: 3...

7.4 AI score
Exploits: 0

The Hacker News
added 2015/02/05 8:24 a.m., 8 views

WordPress Plugin Zero-Day Vulnerability Affects Thousands of Sites

A critical zero-day vulnerability has been discovered in a popular WordPress plugin, called 'FancyBox for WordPress', which is being used by hundreds of thousands of websites running on the most popular Blogging Platform Wordpress. 0-DAY FLAW EXPLOITED IN THE WILD The security researchers at...

6.9 AI score
Exploits: 0

0day.today
added 2015/02/01 12:00 a.m., 33 views

Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection Exploit

Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffers from a remote command injection vulnerability. Title: Symantec Encryption Management Server - Remote Command Injection Vendor: Symantec Affected Product: Symantec Encryption Gateway Affected Versions: 3.2.0 MP6 Product...

7.5 AI score
Exploits: 0

0day.today
added 2015/01/20 12:00 a.m., 22 views

RedaxScript 2.1.0 - Privilege Escalation Vulnerability

Exploit for php platform in category web applications Exploit Title: Privilege Escalation in RedaxScript 2.1.0 Date: 11-05-2014 Exploit Author: shyamkumar somana Vendor Homepage: http://redaxscript.com/ Version: 2.1.0 Tested on: Windows 8 Privilege Escalation in RedaxScript 2.1.0 RedaxScript 2.1....

7.1 AI score
Exploits: 0

exploitpack
added 2015/01/20 12:00 a.m., 18 views

RedaxScript 2.1.0 - Privilege Escalation

RedaxScript 2.1.0 - Privilege Escalation Exploit Title: Privilege Escalation in RedaxScript 2.1.0 Date: 11-05-2014 Exploit Author: shyamkumar somana Vendor Homepage: http://redaxscript.com/ Version: 2.1.0 Tested on: Windows 8 Privilege Escalation in RedaxScript 2.1.0 RedaxScript 2.1.0 suffers...

0.2 AI score
Exploits: 0

exploitpack
added 2014/11/13 12:00 a.m., 13 views

Proticaret E-Commerce Script 3.0 - SQL Injection (1)

Proticaret E-Commerce Script 3.0 - SQL Injection 1 Document Title: ============ Proticaret E-Commerce Script v3.0 = SQL Injection Release Date: =========== 13 Nov 2014 Product & Service Introduction: ======================== Proticaret is a free e-commerce script. Abstract Advisory Information:...

0.2 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m., 61 views

Invision Power Board <= 3.3.4 unserialize Regex Bypass

No description provided by source. ?php / So this is the patch that sanitizes, static public function safeUnserialize $serialized // unserialize will return false for object declared with small cap o // as well as if there is any ws between O and : if isstring $serialized && strpos $serialized, \...

10 CVSS, 0.4 AI score, 0.83034 EPSS
Exploits: 15

seebug.org
added 2014/07/01 12:00 a.m., 12 views

Novell Sentinel Log Manager <= 1.2.0.2 - Retention Policy Vulnerability

No description provided by source. Novell Sentinel Log Manager ver. =1.2.0.2 allows unauthenticated users configuring retention policies. Vendor informed: 2012/09/06 Patch Released: 2012/09/21 PoC: !/bin/bash TARGET=$1 PORT=8443 if $ -ne 1 ; then echo Usage: basename $0 target exit 1 fi echo POST...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m., 13 views

SkyBlueCanvas CMS 1.1 r248-03 - Remote Command Execution

No description provided by source. Vulnerability in SkyBlueCanvas CMS Vulnerability Type: Remote Command Injection Version Affected: 1.1 r248-03 and probably prior versions Discovered by: Scott Parish - Center for Internet Security Vendor Information: SkyBlueCanvas is an easy-to-use Web Content...

7.1 AI score
Exploits: 0