
7082 matches found

Github Security Blog
added 2020/09/03 5:19 p.m., 72 views

Reverse Tabnabbing in quill

Versions of quill prior to 1.3.7 are vulnerable to Reverse Tabnabbing. The package uses target='blank' in anchor tags, allowing attackers to access window.opener for the original page when opening links. This is commonly used for phishing attacks. Recommendation: No fix is currently available...

4.8 AI score
Exploits: 0, References: 4, Affected Software: 1
Metasploit
added 2020/09/02 5:41 p.m., 17 views

Windows Inject Reflective PE Files, Windows x64 Reverse Named Pipe (SMB) Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

7 AI score
Exploits: 0
Metasploit
added 2020/09/02 5:41 p.m., 20 views

Windows Inject Reflective PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

7.1 AI score
Exploits: 0
Metasploit
added 2020/09/02 5:41 p.m., 17 views

Windows Inject Reflective PE Files, Reverse TCP Stager with UUID Support (Windows x64)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

7 AI score
Exploits: 0
Metasploit
added 2020/09/02 5:41 p.m., 13 views

Windows Inject PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2020/09/02 12:0 a.m., 59 views

Amazon Linux 2 : squid (ALAS-2020-1486)

The version of squid installed on the remote host is prior to 3.5.20-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1486 advisory. An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive informatio...

7.5 CVSS, 7.6 AI score, 0.7179 EPSS
Exploits: 0, References: 9
Exploit DB
added 2020/09/02 12:0 a.m., 118 views

Rukovoditel 2.7.1 - Remote Code Execution (2) (Authenticated)

!/usr/bin/python3 Exploit Title: Rukovoditel 2.7.1 - Remote Code Execution Authenticated Exploit Author: @danyx07 Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: Rukovoditel -p you can provide credentials, load the image with PHP...

9.8 CVSS, 9.7 AI score, 0.26778 EPSS
Exploits: 4
Packet Storm
added 2020/08/31 12:0 a.m., 368 views

CMS Made Simple 2.2.14 Shell Upload

!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

Exploits: 0
Exploit DB
added 2020/08/31 12:0 a.m., 461 views

CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)

!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

7.4 AI score
Exploits: 0
Packet Storm
added 2020/08/28 12:0 a.m., 373 views

TP-Link WDR4300 Remote Code Execution

!/usr/bin/python3 import sys import hashlib import base64 import requests import binascii import socket """ RCE via stack-based overflow on TP-Link WDR4300 N750 devices, using CVE-2017-13772. Tested on Firmware versions 3.13.33, Build 130618 and 3.14.3 Build 150518, hardware WDR4300 v1 Usage: 1...

9 CVSS, 8.8 AI score, 0.52559 EPSS
Exploits: 8
Hacker One
added 2020/08/27 8:23 a.m., 14 views

Brave Software: Redirecting users to malicious torrent-files/websites using WebTorrent

Summary: An attacker can redirect a user to a malicious torrent file/website using a reverse tab-nabbing flaw in WebTorrent. Description: WebTorrent allows users to open files after download or while they are being downloaded directly from the browser F965466 An attacker can use this to redirect...

1.2 AI score
Exploits: 0
Tenable Nessus
added 2020/08/27 12:0 a.m., 40 views

Debian DSA-4750-1 : nginx - security update

It was reported that the Lua module for Nginx, a high-performance web and reverse proxy server, is prone to an HTTP request smuggling vulnerability. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4750. The te...

7.5 CVSS, 7.2 AI score, 0.02599 EPSS
Exploits: 0, References: 5
0day.today
added 2020/08/25 12:0 a.m., 33 views

Linux/x86 reverse TCP Shellcode (84 bytes)

Title: Linux/x86 - Reverse TCP Shellcode 84 bytes Author: Xenofon Vassilakopoulos Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 84 bytes SLAE-ID: SLAE - 1314 --------------------- Reverse Shellcode ---------------------...

0.2 AI score
Exploits: 0
OSV
added 2020/08/24 12:6 p.m., 6 views

SUSE-SU-2020:14460-1 Security update for squid3

This update for squid3 fixes the following issues: - Fixed a Cache Poisoning and Request Smuggling attack CVE-2020-15049, bsc1173455 - Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses CVE-2019-12519,...

9.9 CVSS, 9.2 AI score, 0.74477 EPSS
Exploits: 1, References: 39
NVD
added 2020/08/21 5:15 a.m., 15 views

CVE-2020-14194

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link...

5.8 CVSS, 5.5 AI score, 0.00685 EPSS
Exploits: 0, References: 1
OSV
added 2020/08/21 5:15 a.m., 13 views

CVE-2020-14194

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link...

5.4 CVSS, 6.8 AI score
Exploits: 0, References: 1
Prion
added 2020/08/21 5:15 a.m., 12 views

Design/Logic Flaw

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link...

5.8 CVSS, 5.5 AI score, 0.00685 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2020/08/21 4:37 a.m., 15 views

CVE-2020-14194

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link...

5.5 AI score, 0.00685 EPSS
Exploits: 0, References: 1
CVE
added 2020/08/21 4:37 a.m., 58 views

CVE-2020-14194

CVE-2020-14194 affects Zulip Server prior to 2.1.5. The issue is a reverse tabnapping vulnerability triggered by a topic header link, enabling tabnabbing conditions in the Zulip web UI. Exploitation details are not provided beyond the reverse tabnapping description in the connected documents; no ...

5.8 CVSS, 5.4 AI score, 0.00685 EPSS
Exploits: 0, References: 1, Affected Software: 1
CNVD
added 2020/08/21 12:0 a.m., 2 views

Zulip Server Reverse Tag Kidnapping Vulnerability

Zulip is a powerful open source group chat application that combines the immediacy of live chat with the productivity benefits of threaded conversations. Zulip Server is the Zulip server. A reverse tag kidnapping vulnerability exists in Zulip Server versions prior to 2.1.5. An attacker can exploit...

5.8 CVSS, 6.7 AI score, 0.00685 EPSS
Exploits: 0, References: 1