Classyfrieds <= 3.8 - Authenticated Arbitrary File Upload to RCE
The plugin does not properly check the uploaded file when an authenticated user adds a listing, only checking the content-type in the request. This allows any authenticated user to upload arbitrary PHP files via the Add Listing feature of the plugin, leading to RCE. POST /addalisting/ HTTP/1.1...
CVE-2016-10666
tomita-parser is a Node wrapper for Yandex Tomita Parser. tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker-controlled copy if the attacker i...
Oracle Knowledge Management XXE Leading to a RCE
Vulnerability Summary: The following advisory describes an information disclosure found in Oracle Knowledge Management version 8.5.1. By enabling searches across a wide variety of sources, Oracle’s InQuira knowledge management products offer simple and convenient ways for users to access knowledge tha...
Buffer Overflow in the Management Web Interface
Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution (RCE). Ref: PAN-63073/102953/CVE-2016-9150. An attacker with network access to the management web interface may be able to perform remote code execution (RCE) or...
The Project Zero Contest — Google will Pay you $200,000 to Hack Android OS
Why wait for researchers and bug hunters to find vulnerabilities in your products when you can just throw a contest for that? Google has launched its own Android hacking contest with the first prize winner receiving $200,000 in cash. That's a hefty sum! The contest is a way to find and destro...
Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
No description provided by source. #!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI...
Microsoft Windows Invalid Pointer Local Privilege Escalation Vulnerability (MS09-006)
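BUGTRAQ ID: 34025 CVE(CAN) ID: CVE-2009-0083 Microsoft Windows is a very popular operating system released by Microsoft. The Windows kernel does not correctly handle specially crafted invalid pointers. A local attacker with valid login credentials can exploit this vulnerability to execute arbitrary kernel-mode code, and can then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 S...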