CVE-2019-12490
An issue was discovered in Simple Machines Forum SMF before 2.0.16. Reverse tabnabbing can occur because of use of _blank for external links...
Code injection
An issue was discovered in Simple Machines Forum SMF before 2.0.16. Reverse tabnabbing can occur because of use of _blank for external links...
CVE-2019-12490
SMF contains a reverse tabnabbing flaw (CVE-2019-12490) in which external links opened with _blank can enable credential theft when a user visits a crafted site. Affected: Simple Machines Forum before 2.0.16. Root cause: improper handling of external links (target="_blank"). Impact documented as ...
Simple Machines Forum (SMF) Reverse Tag Phishing Vulnerability
Simple Machines Forum is an open source Internet forum and message board program developed by Simple Machines. A reverse tag phishing vulnerability exists in Simple Machines Forum SMF versions prior to 2.0.16. The vulnerability stems from the use of _blank for external links. An attacker can exploit...
Internet Bug Bounty: Squid as reverse proxy RCE and data leak
Summary: This was a very difficult experience as Squid maintainers took a long time to answer. I tried getting help from HackerOne support, Dropbox support and the Internet Bug Bounty never e-mailed me back to no avail. What could have taken a few days took months. The vulnerability concerns a...
AntiCheat-Testing-Framework - Framework To Test Any Anti-Cheat
Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high, therefore, I'm releasing all the code I developed during my research. The main idea is to help...
Exploit for Improper Privilege Management in Centreon
CVE-2019-19699 Centreon =\ After logging in we navi...
Content Delivery Networks handle HTTP headers in different and unexpected ways
Overview A Content Delivery Network CDN is a distributed network of proxy servers that deliver web content collected from a back end web server using a temporary local storage called a cache. HTTP cache poisoning is a type of attack that allows a remote attacker to inject arbitrary content using...
Provisioning Services | Unable to Reverse Image A vDisk Using P2PVS, Getting "The Destination Disk Is Too Small"
Reverse imaging error - Unable to reverse image a vDisk using P2PVS getting "The destination Disk is too small"...
Exploit for Improper Access Control in Oracle Communications_Diameter_Signaling_Router
CVE-2019-2729 Exploit code for CVE-2019-2729 Oracle Weblogic r...
Fedora Update for radare2 FEDORA-2019-e931422a81
The remote host is missing an update for the...
ASTPP VoIP 4.0.1 - Remote Code Execution
ASTPP VoIP 4.0.1 - Remote Code Execution Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script...
ASTPP VoIP 4.0.1 Remote Code Execution
Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CVE : - ASTPP...
ASTPP VoIP 4.0.1 - Remote Code Execution Vulnerability
Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CVE : - ASTPP 4.0.1 VoIP Billi...
Fast8690-exploit
Sagemcom Fast 3890 exploit This exploit uses the Cable Haunt...
CVE-2020-5307
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in...
Reverse Imaging with UEFI targets fail with error : "failed to write disk" while doing the reverse image from vdisk to volume
Description : Unable to create a new vDisk after performing reverse imaging to upgrade VM Ware Tools...
Concrete CMS: Remote Code Execution (Reverse Shell) - File Manager
Remote Code Execution Reverse Shell - File Manager • Title: concrete5-8.5.2 Remote Code Execution - Reverse Shell • Keyword: crayons • Software : concrete5 • Product Version: 8.5.2 • Vulnerability : Remote Code Execution - Reverse Shell • Vulnerable component: File Manager The attacker needs the...