Blackbone - Windows Memory Hacking Library

Blackbone, Windows Memory Hacking Library Features x86 and x64 support Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Process modules Enumerate all 32/64 bit modules...

HTTP Client Automatic Exploiter 2 (Browser Autopwn)

This module will automatically serve browser exploits. Here are the options you can configure: The INCLUDEPATTERN option allows you to specify the kind of exploits to be loaded. For example, if you wish to load just Adobe Flash exploits, then you can set Include to 'adobeflash'. The EXCLUDEPATTER...

regex: heap overflow in regcomp() on 32-bit architectures

A heap buffer overflow flaw was found in the regcomp function of Henry Spencer's regular expression library. An attacker able to make an application process a specially crafted regular expression pattern with the regcomp function could cause that application to crash and possibly execute arbitrar...

SSL/TLS is the latest vulnerability ordination ceremony parsing-vulnerability warning-the black bar safety net

2 0 1 5 year 3 month, there are about 3 0% of the network communication is controlled by the RC4 to be protected. By“ordination ceremony”attack, the attacker may be in a particular environment just by sniffing the visit listen you can restore using RC4 to protect the encrypted information in plai...

Concrete CMS: Multiple Cross Site Request Forgery Vulnerabilities in Concrete5 version 5.7.3.1

Concrete5 implements a Synchronizer Token Pattern in order to provide anti-CSRF capabilities, which is done within the Concrete\Core\Validation\CSRF\Token class. However, the application fails to properly use this feature in every block or dashboard page which makes a system state change, such as...

Updated librsvg packages fix security vulnerabilities

Atte Kettunen's fuzz testing found several vulnerabilities in librsvg: - Invalid memory access caused by incorrect handling of a pattern paint server with an xlink:href to a unexpected type bgo744299 - Infinite loop in the handling of gradients bgo738169 - Heap-buffer-overflow when there's a...

WordPress Holding Pattern Theme Arbitrary File Upload Exploit

This module exploits a file upload vulnerability in all versions of the Holding Pattern theme found in the uploadfile.php script which contains no session or file validation. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web...

WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection Vulnerability

Exploit for php platform in category web applications . Exploit Title: WordPress: Webdorado Spider Event Calendar = 1.4.9 SQL Injection Date: 2015-02-12 Exploit Author: Mateusz Lach Vendor Homepage: https://www.facebook.com/WebDorado or http://www.webdorado.com Software Link:...

WordPress Holding Pattern Theme Arbitrary File Upload

This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'socket' class Metasploit3 'WordPress Holding Pattern Theme Arbitrary File Upload', 'Description' = %q This module exploits a file upload...

WordPress Holding Pattern Theme Arbitrary File Upload (CVE-2015-1172)

An unauthorized file upload vulnerability has been reported in WordPress Holding Pattern Theme. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to...

WordPress Holding Pattern Theme 0.6 File Upload

File upload vulnerability in WordPress Holding Pattern Theme admin/upload-file.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

[SECURITY] Fedora 21 Update: mutt-1.5.23-7.fc21

Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...

[SECURITY] Fedora 20 Update: mutt-1.5.23-4.fc20

Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...

WordPress Holding Pattern Theme Arbitrary File Upload

This module exploits a file upload vulnerability in all versions of the Holding Pattern theme found in the uploadfile.php script which contains no session or file validation. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web...

Unrestricted file upload

Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme aka holdingpattern 0.6 and earlier for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an...

WordPress Theme Holding Pattern - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'socket' class MetasploitModule 'WordPress Holding Pattern Theme Arbitrary File Upload', 'Description' = %q This module exploits a file...

WordPress Holding Pattern Theme Arbitrary File Upload Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress Holding Pattern Theme suffers from an arbitrary file upload vulnerability due to the program failing to adequately...

Wordpress Theme Holding Pattern Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Theme Holding Pattern Arbitrary File Upload Vulnerability Source: https://github.com/heyjoeb/fenix/tree/master/wp-content/themes/holdingpattern Author: terrorist Email: email protected Team: GHC - Georgian Hacking...

Cisco 2900 Series Integrated Services Router Denial of Service Vulnerability

The Cisco 2900 Series Integrated Services Router is a network router device. A vulnerability in the Cisco 2900 Series Integrated Services Router's handling of the NBAR protocol lock allows an attacker to send a specially crafted IPv4 leopard pattern that can cause the router to reboot...

WordPress Holding Pattern Theme <= 0.6 - Unrestricted File Upload

This vulnerability allows an attacker to upload arbitrary files. The application uses limited validation which means unauthorized upload is allowed. Solution Update the theme...