40 matches found
EUVD-2010-4922
Malware in sbrugna...
pharmacie-prado-mermoz.com Cross Site Scripting vulnerability OBB-3846874
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
camaraantonioprado.rs.gov.br Cross Site Scripting vulnerability OBB-3368476
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Microsoft Windows Explorer Preview Pane Security Bypass Vulnerability
Previewing a WMA/WMV media format on Windows Explorer through its Preview Pane causes embedded URLs to be automatically opened in the default browser without displaying any prompt. Exploit Title: Windows Explorer Preview Pane WMV/WMA media Automatic URI Opening Vulnerability Exploit Author: Eduar...
Microsoft Windows 10 - Theme API 'ThemePack' File Parsing
Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Google Dork: n/a Date: 2020-10-28 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10 v.1803 17134.407 Tested on: Windows 7, 8.0, 8.1, 10, Serve...
Microsoft Windows VCF or Contact File - URL Manipulation-Spoof Arbitrary Code Execution Exploit
Exploit Title: Microsoft Windows 'VCF' or 'Contact' File URL Manipulation-Spoof Arbitrary Code Execution Vulnerability -- Remote Vector Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7 SP1, 8.1, 10 v.1809 wi...
Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution
Exploit Title: Microsoft Windows 'VCF' or 'Contact' File URL Manipulation-Spoof Arbitrary Code Execution Vulnerability -- Remote Vector Google Dork: N/A Date: January, 21 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/...
Microsoft Windows SCF File Feature Bypass
Exploit Title: Microsoft Windows 'SCF' File 'Open File Security Warning' Feature Bypass Vulnerability Google Dork: N/A Date: August 3, 2018 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7 SP1, 8.1 with full...
Microsoft Word 2007 (x86) - Information Disclosure Exploit
Exploit for windows platform in category local exploits Title: MS Office Word Information Disclosure Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007 32-bits x86 Tested on:...
prado-tolima.gov.co XSS vulnerability
Open Bug Bounty ID: OBB-246522 Description| Value ---|--- Affected Website:| prado-tolima.gov.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Microsoft Windows Media Center - '.MCL' File Processing Remote Code Execution (MS16-059)
Exploit for windows platform in category remote exploits Exploit Title: Microsoft Windows Media Center .MCL File Processing Remote Code Execution Vulnerability MS16-059 Date: May 11th, 2016 Exploit Author: Eduardo Braun Prado Vendor Homepage : http://www.microsoft.com Version: All prior to May...
Microsoft Windows Media Center - .MCL File Processing Remote Code Execution (MS16-059)
Microsoft Windows Media Center - .MCL File Processing Remote Code Execution MS16-059 Exploit Title: Microsoft Windows Media Center .MCL File Processing Remote Code Execution Vulnerability MS16-059 Date: May 11th, 2016 Exploit Author: Eduardo Braun Prado Vendor Homepage : http://www.microsoft.com...
Microsoft Windows Media Center - '.MCL' File Processing Remote Code Execution (MS16-059)
Exploit Title: Microsoft Windows Media Center .MCL File Processing Remote Code Execution Vulnerability MS16-059 Date: May 11th, 2016 Exploit Author: Eduardo Braun Prado Vendor Homepage : http://www.microsoft.com Version: All prior to May 10th, 2016 update. Tested on: Windows Media Center running ...
Microsoft Windows Media Center Library - Parsing Remote Code Execution aka self-executing MCL File
Microsoft Windows Media Center Library - Parsing Remote Code Execution aka self-executing MCL File Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any...
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MC
Exploit for windows platform in category remote exploits Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any Windows OS. Software Vendor Homepage:...
PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability
No description provided by source. PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability Vendor: Prado Software Product web page: http://www.pradosoft.com Affected version: 3.2.0 r3169 Summary: PRADO is a component-based and event-driven programming framework for developing Web applications...
BREACH decodes HTTPS encrypted data in 30 seconds
A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic in just 30 seconds. The technique was demonstrated at the Black Hat security conference in Las Vegas Presentation PDF & Paper by Gluck along with...
PRADO 3.2.0 File Disclosure
File disclosure vulnerability in PRADO sr parameter Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...
Prado Framework sr Parameter Directory Traversal
The version of Prado Framework installed does not sanitize user input to 'sr' parameter of the 'test/testtools/functionaltests.php' before using it to return the contents of the file. An unauthenticated, remote attacker can exploit this issue to retrieve arbitrary files outside of the server's ro...
PRADO PHP Framework <= 3.2.0 Multiple Directory Traversal Vulnerabilities - Active Check
PRADO PHP Framework is prone to multiple directory traversal vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...