mosh - Mobile Shell replacement for SSH (more robust and responsive, especially over Wi-Fi, cellular, and long-distance links)

Mosh is a remote terminal application that supports intermittent connectivity, allows roaming, and provides speculative local echo and line editing of user keystrokes. It aims to support the typical interactive uses of SSH, plus: Mosh keeps the session alive if the client goes to sleep and wakes ...

CVE-2017-5419

If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service DOS attack. This vulnerability affects Firefox 52 and Thunderbird 52...

Multireligion Responsive Matrimonial Script 4.7.1 - SQL Injection

Multireligion Responsive Matrimonial Script 4.7.1 - SQL Injection Exploit Title: Multireligion Responsive Matrimonial Script v4.7.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software :...

Responsive Matrimonial Script 4.0.1 - SQL Injection

Exploit Title: Responsive Matrimonial Script v4.0.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/responsive-matrimonial/ Demo: http://74.124.215.220/responsivematri/ Version: 4.0.1 Tested on: Win...

Multireligion Responsive Matrimonial Script 4.7.1 SQL Injection

Exploit Title: Multireligion Responsive Matrimonial Script v4.7.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/multireligion-responsive-matrimonial/ Demo:...

Responsive Matrimonial Script 4.0.1 SQL Injection

Exploit Title: Responsive Matrimonial Script v4.0.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/responsive-matrimonial/ Demo: http://74.124.215.220/responsivematri/ Version: 4.0.1 Tested on: Win...

Responsive Events Movie Ticket Booking Script - SQL Injection

Responsive Events Movie Ticket Booking Script - SQL Injection Exploit Title: Responsive Events & Movie Ticket Booking Script - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software :...

catalog.ucdenver.edu XSS vulnerability

Vulnerable URL: http://catalog.ucdenver.edu/portfolionopop.php/"--!" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline: Description|...

WordPress Plugin WP Support Plus Responsive Ticket System Elevation of Privilege Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . WordPress plugin WP Support Plus Responsive Ticket System has an elevation of privilege vulnerability that can b...

WordPress WP Support Plus Responsive Ticket System 7.1.3 Plugin - Privilege Escalation Vulnerability

Exploit for php platform in category web applications Exploit Title: WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation Date: 10-01-2017 Software Link: https://wordpress.org/plugins/wp-support-plus-responsive-ticket-system/ Exploit Author: Kacper Szurek Contact:...

WordPress plugin Responsive Poll <= 1.7.4 - Cross-Site Scripting (XSS) & CSRF multiple vulnerabilities

WordPress plugin Responsive Poll = 1.7.4 affected by multiple vulnerabilities like Cross-Site Scripting XSS & Cross-Site Request Forgery CSRF. Lack of CSRF checks allows an unauthenticated attacker to modify polls. Also, the plugin fails to escape values put into HTML and thus makes possible for ...

WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation

Exploit Title: WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation Date: 10-01-2017 Software Link: https://wordpress.org/plugins/wp-support-plus-responsive-ticket-system/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/...

Zurb Foundation 5.5.3 / 5.5.1 Cross Site Scripting Vulnerability

Zurb Foundation versions 5.5.1 and 5.5.3 suffer from a cross site scripting vulnerability. XSS vulnerabilty in the tooltip plugin of Zurb Foundation 5.x ============================================================= URL to this advisory: https://nop.li/foundation5tooltipxss Vendor ======...

[SECURITY] Fedora 23 Update: drupal7-theme-zen-5.6-1.fc23

Zen is a powerful, yet simple, HTML5 starting theme with a responsive, mobile-first grid design. If you are building your own standards-compliant theme, you will find it much easier to start with Zen than to start with Garland or Stark. This theme has fantastic online documentation...

[SECURITY] Fedora 24 Update: drupal7-theme-zen-5.6-1.fc24

Zen is a powerful, yet simple, HTML5 starting theme with a responsive, mobile-first grid design. If you are building your own standards-compliant theme, you will find it much easier to start with Zen than to start with Garland or Stark. This theme has fantastic online documentation...

Clinic Management System - Blind SQL Injection

Vulnerability Title : Clinic Management System Unauthenticated Blind SQL Injection apointment.php age Vulnerability Date : 11/07/2016 Exploit Author : Yakir Wizman Vendor Homepage : http://rexbd.net/software/clinic-management-system Version : All Versions Tested on : Apache | PHP 5.5.36 | MySQL...

WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting

WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting Vendor Homepage: http://bridge.qodeinteractive.com/ Software Link: http://themeforest.net/item/bridge-creative-multipurpose-wordpress-theme/7315054 Version: 9.1.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Stored XSS,...

Uber: CSRF on eng.uber.com may lead to server-side compromise

The site eng.uber.com uses a WordPress plugin called Fluid Responsive Slideshow. The plugin doesn't implement any CSRF check for AJAX requests. Some of these AJAX requests can be used to modify posts and pages on the system. An attacker could use this bug to inject arbitrary JavaScript in any pag...

MyCustomers CMS 1.3.873 - SQL Injection

MyCustomers CMS 1.3.873 - SQL Injection Exploit Title : MyCustomers Cms Sql Injection Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://www.iran-php.com/ Google Dork : "Powered By IranPHP" & inurl:/index.php?DPT=IP17 & "Powered+by+MyCustomers-1.3.873" Date: 2015/11/28...

LineNity WP Premium Theme Local File Inclusion

Document Title: =============== LineNity WP Premium Theme - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1645 Release Date: ============= 2015-11-15 Vulnerability Laboratory ID VL-ID: ==================================== 164...