7082 matches found
CVE-2021-21476
CVE-2021-21476 (SAP UI5) affects SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, and 1.86.1. The vulnerability is described as an open redirect caused by Reverse Tabnabbing, allowing an unauthenticated attacker to redirect users to a malicious site. The connec...
Reverse Engineering Keys from Firmware. A how-to
TL;DR It is possible to reverse engineer keys from firmware with some tips: 1. Always looks for strings/constants. 2. Make guesses about the original source. 3. Find a function you can recognise and work backwards to identify other functions. 4. It helps if they use open-source code so you can cr...
pwntools
This repository is an open-source project for a Python library called pwntools, which is used for reverse engineering and exploitation of binaries. The library is designed to be a comprehensive tool for security researchers and developers. The repository contains a variety of files, including:...
Geacon - Implement CobaltStrike's Beacon In Go
Using Go to implement CobaltStrike's Beacon This project is for learningprotocol analysis and reverse engineering only, if someone's rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY How to play 1. Setup the teamserver and start a http...
PhreeBooks 5.2.3 Remote Code Execution
Exploit Title: PhreeBooks 5.2.3 - Remote Code Execution Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: 5.2.3 Tested on: Windows Server 2016 !/usr/bin/env python3 ''' DESCRIPTION: - PhreeBooks...
Exploit for CVE-2019-1068
CVE-2019-1068 Root cause analysis and PoC for a Microsoft SQL...
EulerOS 2.0 SP5 : ruby (EulerOS-SA-2021-1228)
According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not...
Design/Logic Flaw
OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers Google, GitHub, and others to validate accounts by email, domain or group. In OAuth2 Proxy before version 7.0.0, for users that use the whitelist domain feature, a domain that ended in...
CVE-2021-21291
CVE-2021-21291: OAuth2 Proxy (open-source reverse proxy) before v7.0.0 had a vulnerability in the whitelist-domain feature where a domain matched for redirects could be broader than intended (e.g., .example.com could match example.com and badexample.com). This could allow unintended redirects. Im...
PT-2021-14396 · Unknown +2 · Blaze-Core +5
Name of the Vulnerable Software and Affected Versions: http4s versions prior to 0.21.17 http4s versions prior to 0.22.0-M2 http4s versions prior to 1.0.0-M14 Description: The issue is related to the blaze-core library, which accepts connections unboundedly on its selector pool. This can lead to a...
Online Reviewer System 1.0 SQL Injection / Shell Upload
!/bin/bash Exploit Title: Online Reviewer System PHPPDO - RCE & ADMIN BYPASS Exploit Author: Richard Jones Date: 2021-01-31 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
Mofi Network MOFI4500-4GXeLTE 安全特征问题漏洞
The Mofi Network MOFI4500-4GXeLTE is a wireless router from Mofi Network. A security vulnerability exists in the Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices, which can be exploited by an attacker to know the generation algorithm via firmware reverse, and directly calculate the one-time passwo...
h2o -- uninitialised memory access in HTTP3
Emil Lerner reports: When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. When h2o is used as a reverse proxy, an attacker can abuse this vulnerability to send internal state ...
Quick.CMS 6.7 Remote Code Execution
Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...
SonicWall SSL-VPN 8.0.0.0 - 'visualdoor' Remote Code Execution (Unauthenticated)
Exploit Title: SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution Unauthenticated Exploit Author: Darren Martyn Vendor Homepage: https://www.home-assistant.io/ Version: SMA 8.0.0.4 Blog post: https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/...
Metasploit Framework 6.0.11 - msfvenom APK template command injection
Exploit Title: Metasploit Framework 6.0.11 - msfvenom APK template command injection Exploit Author: Justin Steven Vendor Homepage: https://www.metasploit.com/ Software Link: https://www.metasploit.com/ Version: Metasploit Framework 6.0.11 and Metasploit Pro 4.18.0 CVE : CVE-2020-7384 !/usr/bin/e...
MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution Exploit
This Metasploit module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
CVE-2020-36202
An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...
CVE-2020-36202
An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...
Design/Logic Flaw
An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...