Lucene search
K

7082 matches found

CVE
CVE
added 2020/05/29 1:10 p.m.41 views

CVE-2020-4490

CVE-2020-4490 affects IBM Business Automation Workflow (V18.0, V19.0) and IBM Business Process Manager (V8.0, V8.5, V8.6). The IBM bulletin confirms a reverse tabnabbing-mediated security bypass that could let remote attackers bypass restrictions and redirect victims to phishing sites. The root c...

6.1CVSS6.1AI score0.0086EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/28 4:31 p.m.24 views

Security Bulletin: Reverse tabnabbing vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4490

Summary IBM Business Process Manager Process Center and IBM Business Automation Workflow Workflow Center are vulnerable to a reverse tabnabbing vulnerability. Vulnerability Details CVEID: CVE-2020-4490 DESCRIPTION: IBM Business Automation Workflow and IBM Business Process Manager could allow a...

6.1CVSS1.1AI score0.0086EPSS
Exploits0Affected Software4
Talos Blog
Talos Blog
added 2020/05/28 7:59 a.m.30 views

Dynamic Data Resolver (DDR) — IDA Plugin 1.0 beta

By Holger Unterbrink Executive summaryStatic reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. If you try to perform dynamic analysis by debugging a piece of malware, the...

2.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/05/28 6:53 a.m.36 views

Reverse Engineering a 5g ‘Bioshield’

Six months ago the UK's Glastonbury Town Council set up a 5g Advisory Committee to explore the safety of the technology, and last month the local paper reported their findings. This statement is in their recommended measures report page 31 of this PDF: 5G Bioshield https://5gbioshield.com/ We use...

6.9AI score
Exploits0
Atlassian
Atlassian
added 2020/05/27 7:45 a.m.86 views

Include additional parameters to avoid reverse tabnabbing exploits

A customer had their Confluence instance reviewed and found that it was susceptible to Reverse Tabnabbing, like Jira is in JRASERVER-68830. Steps to replicate the issue on Confluence can be found in the file below. ^tabnabbingfindingconfluence.pdf...

2.5AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2020/05/27 12:0 a.m.347 views

WordPress Drag And Drop File Upload Contact Form 1.3.3.2 Shell Upload

Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/...

0.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/05/26 10:31 a.m.4 views

Moderate: Red Hat Enhancement Advisory: rh-varnish6 bug fix and enhancement update

Updated rh-varnish6 packages are now available as a part of Red Hat Software Collections for Red Hat Enterprise Linux. Varnish Cache is a high-performance HTTP reverse proxy. The rh-varnish6 packages provide a recent stable release of Varnish Cache 6. The rh-varnish6 packages have been upgraded t...

7.8CVSS7.1AI score0.05742EPSS
Exploits0References3
0day.today
0day.today
added 2020/05/26 12:0 a.m.64 views

OpenEMR 5.0.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications Title: OpenEMR 5.0.1 - Remote Code Execution Exploit Author: Musyoka Ian Title: OpenEMR 5.0.1 - Remote Code Execution Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/05/26 12:0 a.m.70 views

WordPress Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork:...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/26 12:0 a.m.41 views

EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1591)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to acce...

7.5CVSS7.2AI score0.7179EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2020/05/26 12:0 a.m.332 views

OpenEMR 5.0.1 - Remote Code Execution (1)

Title: OpenEMR 5.0.1 - Remote Code Execution 1 Exploit Author: Musyoka Ian Date: 2020-05-25 Title: OpenEMR 5.0.1 - Remote Code Execution Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile:...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2020/05/25 6:30 a.m.95 views

AutoRDPwn v5.1 - The Shadow Attack Framework

AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability listed as a feature by Microsoft allows a remote attacker to view his victim's desktop without his consent, and even control it on...

7.4AI score
Exploits0References8
Exploit DB
Exploit DB
added 2020/05/21 12:0 a.m.480 views

CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)

Exploit Title: CloudMe 1.11.2 - Buffer Overflow SEH,DEP,ASLR Date: 2020-05-20 Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Step...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/05/20 12:0 a.m.140 views

CloudMe 1.11.2 SEH / DEP / ASLR Buffer Overflow Exploit

Exploit Title: CloudMe 1.11.2 - SEH/DEP/ASLR Buffer Overflow Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Steps to reproduce: 1...

0.1AI score
Exploits0
Kitploit
Kitploit
added 2020/05/18 9:30 p.m.98 views

BlackDir-Framework - Web Application Vulnerability Scanner

Web Application Vulnerability Scanner. 1. Spider Directories 2. Find Sub Domain 3. Advanced Dorks Search 4. Scan list of Dorks 5. Scan WebSites Xss,Sql 6. Reverse Ip Lookup 7. Port Scan Installation: git clone https://github.com/RedVirus0/BlackDir-Framework.git cd BlackDir pip3 install -r...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2020/05/17 9:30 p.m.79 views

BADlnk - Reverse Shell In Shortcut File (.lnk)

Reverse Shell in Shortcut File .lnk How it works? Shortcut file Microsoft Windows 9.x LNK is a file extension for a shortcut file used by Microsoft Windows to point to an executable file. LNK stands for LiNK. Shortcut files are used as a direct link to an executable file, instead of having to...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/05/15 9:30 p.m.718 views

Getdroid - FUD Android Payload And Listener

FUD Android Payload And Listener Read the license before using any part from this code Malicious Android apk generator Reverse Shell Legal disclaimer: Usage of GetDroid for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local,...

7.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2020/05/14 10:20 a.m.89 views

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable

Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol? Though Microsoft had patched the vulnerability CVE-2019-0887 as part of its July 2019 Patch Tuesday...

8.5CVSS8.6AI score0.70966EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/05/14 10:20 a.m.5 views

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable

Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol? Though Microsoft had patched the vulnerability CVE-2019-0887 as part of its July 2019 Patch Tuesday...

8.5CVSS7.8AI score0.70966EPSS
Exploits0
FireEye
FireEye
added 2020/05/12 12:0 a.m.101 views

Analyzing Dark Crystal RAT, a C# Backdoor

The FireEye Mandiant Threat Intelligence Team helps protect our customers by tracking cyber attackers and the malware they use. The FLARE Team helps augment our threat intelligence by reverse engineering malware samples. Recently, FLARE worked on a new C variant of Dark Crystal RAT DCRat that the...

7.3AI score
Exploits0References8
Rows per page
Query Builder