Hostintel - A Modular Python Application To Collect Intelligence For Malicious Hosts

This tool is used to collect various intelligence sources for hosts. Hostintel is written in a modular fashion so new intelligence sources can be easily added. Hosts are identified by FQDN host name, Domain, or IP address. This tool only supports IPv4 at the moment. The output is in CSV format an...

CVE-2019-9713

An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access...

CVE-2019-9713

An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access...

[20190304] - Core - Missing ACL check in sample data plugins

The sample data plugins lack ACL checks, allowing unauthorized access...

Infogram: Report Design Critical Stored DOM XSS Vulnerability

Hi Team, Another XSS vulnerability in report designer but this one is critical. Problem Point Report's Overview Table Report Creation Url https://infogram.com/app/edit/e7b161f1-f708-48e5-bab7-de9887ae202a Sample Data Click for Detail Sample URL https://infogram.com/report-classic-1g57pr0g3xdvp01...

Joomla 3.2.1 - SQL Injection Vulnerability

No description provided by source. Exploit Title: Joomla 3.2.1 sql injection Date: 05/02/2014 Exploit Author: [email protected] Vendor Homepage: http://www.joomla.org/ Software Link: http://joomlacode.org/gf/download/frsrelease/19007/134333/Joomla3.2.1-Stable-FullPackage.zip Version: 3.2.1 default...

CVE-2012-5483

tools/sampledata.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud Amazon EC2 is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this...

RealNetworks RealPlayer RV30 Sample Arbitrary Index Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

RealNetworks RealPlayer RV30 Uninitialized Index Value Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

blueHOMES hacked - 500k users data and Password in Plain text leaked

blueHOMES hacked - 500k users data and Password in Plain text leaked Some Anonymous Hacker hack the French property and property Germany Dealers website blueHOMES.com . About 500,000 Users data claim to be hacked by Hacker and also database include all customer passwords in plaintext, including...

Office^2 iPhone - .XLS Denial of Service

Office^2 iPhone - .XLS Denial of Service I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications f...

[SECURITY] Fedora 12 Update: argyllcms-1.0.4-5.fc12

The Argyll color management system supports accurate ICC profile creation f or scanners, CMYK printers, film recorders and calibration and profiling of displays. Spectral sample data is supported, allowing a selection of illuminants obse rver types, and paper fluorescent whitener additive...

[SECURITY] Fedora 9 Update: argyllcms-1.0.3-4.fc9

The Argyll color management system supports accurate ICC profile creation f or scanners, CMYK printers, film recorders and calibration and profiling of displays. Spectral sample data is supported, allowing a selection of illuminants obse rver types, and paper fluorescent whitener additive...