20 matches found
Weak password vulnerability in Brickcom-MD-300Np-360P
Brickcom Corporation Brickcom is composed of R&D team with rich experience in surveillance industry, and develops digital surveillance products with advanced technology. Including Mega IP Camera, Wireless IP Camera, Video Server, 3G Video Transmission NVR Embedded Network DVR, CMS Client Platform...
TP-Link Archer CR-700 Cross Site Scripting
Exploit Title: TP-Link Archer CR-700 XSS vulnerability Google Dork: N/A Date: 09/07/2016 Exploit Author: Ayushman Dutta Vendor Homepage: http://www.tp-link.us/ Software Link: N/A Version: 1.0.6 REQUIRED Tested on: Linux CVE : N/A Exploit Information:...
TP-Link Archer CR-700 - Cross-Site Scripting
Exploit Title: TP-Link Archer CR-700 XSS vulnerability Google Dork: N/A Date: 09/07/2016 Exploit Author: Ayushman Dutta Vendor Homepage: http://www.tp-link.us/ Software Link: N/A Version: 1.0.6 REQUIRED Tested on: Linux CVE : N/A Exploit Information:...
Xerver 4.31, 4.32 HTTP Response Splitting
No description provided by source. Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NONE...
X-Cart Pro 4.0.13 - SQL Injection Proof of Concept
No description provided by source. X-Cart Pro v4.0.13 SQL Injection Proof of Concept Discovered By: s4squatch of SecureState R&D Team www.securestate.com Discovered: Mon, 08 Sep 2008 20:29:07 GMT Version: 4.0.13 obtained from www.website.com/README Can't find reference to this old vuln elsewhere...
LifeSize Room Vulnerabilities
Discovered: 07-13-11 By: Spencer McIntyre zeroSteiner SecureState R&D Team www.securestate.com Background: ----------- Multiple vulnerabilities within the LifeSize Room appliance. Vulnerability Summaries: ------------------------ Login page can be bypassed, granting administrative access to the w...
LifeSize Room Command Injection
Exploit for php platform in category web applications require 'msf/core' class Metasploit3 'LifeSize Room Command Injection', 'Description' = %q This module exploits a vulnerable resource in LifeSize Room versions 3.5.3 and 4.7.18 to inject OS commmands. LifeSize Room is an appliance and thus the...
MagnetoSoft NetworkResources Active-X NetFileClose SEH Overwrite
'Magneto Software Net Resource ActiveX NetFileClose SEH Overwrite POC 'Discovered by: s4squatch of SecureState R&D Team 'Site: www.securestate.com 'Date Discovered: 02/11/10 'www: http://www.magnetosoft.com/products/sknetresource/sknetresourcefeatures.htm 'Download:...
MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose Overwrite (SEH) (PoC)
MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose Overwrite SEH PoC 'Magneto Software Net Resource ActiveX NetFileClose SEH Overwrite POC 'Discovered by: s4squatch of SecureState R&D Team 'Site: www.securestate.com 'Date Discovered: 02/11/10 'www:...
MagnetoSoft NetworkResources ActiveX NetFileClose SEH Overwrite POC
Exploit for windows platform in category dos / poc =================================================================== MagnetoSoft NetworkResources ActiveX NetFileClose SEH Overwrite POC =================================================================== 'Magneto Software Net Resource ActiveX...
X-Cart Pro v4.0.13 SQL Injection Proof of Concept
Exploit for unknown platform in category web applications ================================================= X-Cart Pro v4.0.13 SQL Injection Proof of Concept ================================================= X-Cart Pro v4.0.13 SQL Injection Proof of Concept Discovered By: s4squatch of SecureState...
Cisco Collaboration Server 5 - Cross-Site Scripting / Source Code Disclosure
Cisco Collaboration Server 5 XSS, Source Code Disclosure Discovered by: s4squatch of SecureState R&D Team www.securestate.com Discovered: 08/26/2008 Note: End of Engineering -- http://www.cisco.com/en/US/products/sw/custcosw/ps747/prodeolnotice09186a008032d4d0.html Replaced with:...
RSA - SecurID Cross-Site Scripting
RSA - SecurID Cross-Site Scripting Discovered 12-11-2008 Discovered By: s4squatch of SecureState R&D Team www.securestate.com Vendor Notified: 10-07-2009 Vendor Response: 10-08-2009 Version: Unknown -- DLL does not contain version, therefore vendor says it is outdated and not supported. POC:...
RSA SecurID XSS Vulnerability
Exploit for unknown platform in category web applications ============================= RSA SecurID XSS Vulnerability ============================= Discovered 12-11-2008 Discovered By: s4squatch of SecureState R&D Team www.securestate.com Vendor Notified: 10-07-2009 Vendor Response: 10-08-2009...
Xerver 4.31, 4.32 HTTP Response Splitting
Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 Vendor Notified: 10-07-09 Vendor Response: NONE Published: 11-18-09 Proof of Concept:...
Xerver 4.314.32 - HTTP Response Splitting
Xerver 4.314.32 - HTTP Response Splitting Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NON...
Xerver 4.31/4.32 - HTTP Response Splitting
Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NONE Published: 11-18-09 Proof of Concept:...
Xerver 4.31, 4.32 HTTP Response Splitting
Exploit for unknown platform in category web applications ========================================= Xerver 4.31, 4.32 HTTP Response Splitting ========================================= Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor...
Xerver 4.31 4.32 HTTP Response Splitting
No description provided by source. Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NONE...
MoinMoin Wiki Engine XSS Vulnerability
MoinMoin Wiki Engine Cross-Site Scripting Discovered by: SecureState R&D Team sasquatch Website: www.securestate.com Discovered: 01-08-09 Vendor Notified: 01-08-09 Vendor Fix Issued: 01-11-09 http://hg.moinmo.in/moin/1.8/rev/8cb4d34ccbc1 Vendor Fix: Upgrade to version 1.8.1 Public Posting: 01-19-...