
3100 matches found

exploitpack
added 2016/01/09 12:0 a.m., 20 views

Fortinet FortiGate 4.x 5.0.7 - SSH Backdoor Access

Fortinet FortiGate 4.x 5.0.7 - SSH Backdoor Access !/usr/bin/env python SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 Usage: ./fgtsshbackdoor.py import socket import select import sys import paramiko from paramiko.py3compat import u import base64 import hashlib import termios import tty d...

1.1 AI score
Exploits 0
seebug.org
added 2016/01/07 12:0 a.m., 22 views

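53KF XSS against customer service agents

Brief description: As per title. Details: http://www22.53kf.com Intercept the request when taking a screenshot and change the image address to an XSS address to hit the customer service agent. Proof of vulnerability:...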

7.1 AI score
Exploits 0
Metasploit
added 2015/12/26 10:53 p.m., 16 views

PostgreSQL CREATE LANGUAGE Execution

Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This...

7.3 AI score
Exploits 0
Circl
added 2015/12/18 12:0 a.m., 13 views

CVE-2015-8420

| creationtimestamp | type | source |
|---|---|---|
| 2015-12-18 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/39044... |

10 CVSS, 7.1 AI score, 0.43408 EPSS
Exploits 1, References 1
seebug.org
added 2015/12/17 12:0 a.m., 18 views

Huachuang smart acceleration router backdoor

No description provided by source...

7.1 AI score
Exploits 0
Hacker One
added 2015/12/10 4:4 p.m., 49 views

Coinbase: HTML injection in apps user review

just watch this video https://www.dropbox.com/s/360cytluyiw2ym9/HTMLI.mp4?dl=0 this about full fake login exploit https://www.youtube.com/watch?v=5iRylyJTzWc...

6.9 AI score
Exploits 0
seebug.org
added 2015/12/10 12:0 a.m., 20 views

Kingdee collaborative office system /kingdee/tree/tree/rules/get_nodes.jsp parameter node SQL injection

No description provided by source...

7.1 AI score
Exploits 0
seebug.org
added 2015/12/10 12:0 a.m., 48 views

Tongda OA system /interface/auth.php SQL injection vulnerability

No description provided by source...

7.1 AI score
Exploits 0
wpexploit
added 2015/12/04 12:0 a.m., 8 views

Advanced uploader - Local File Inclusion

The Advanced uploader WordPress plugin was affected by a Local File Inclusion security vulnerability. http://www.example.com/wp-content/plugins/advanced-uploader/upload.php?destinations=../../../../../../../../../wp-config.php%00...

1.6 AI score
Exploits 0, References 1
Hacker One
added 2015/11/27 1:32 a.m., 42 views

ok.ru: Same-Origin Policy bypass on main domain - ok.ru

Hello, I've just found a way to bypass Same-Origin Policy mechanism using vulnerability in one of swf files on your cdn. Let me explain this in details: 1. First of all - your Crossdomain which defines from what domains Flash files can read content on ok.ru. Crossdomain file is located here -...

6.8 AI score
Exploits 0
wpexploit
added 2015/11/26 12:0 a.m., 14 views

Auto ThickBox Plus <= 1.9 - Reflected Cross-Site Scripting (XSS)

The auto-thickbox-plus WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability. http://www.example.com/wp-content/plugins/auto-thickbox-plus/download.min.php?file=%3Cscript%3Ealert%281%29%3C/script%3E...

4.3 CVSS, 1.1 AI score, 0.00985 EPSS
Exploits 1, References 1
Exploit DB
added 2015/11/24 12:0 a.m., 22 views

WordPress Plugin WP-Client 3.8.7 - Persistent Cross-Site Scripting

Application: WP-Client Version: 3.8.7 Author: Pier-Luc Maltais from COSIG Twitter: @COSIG 1 Introduction 2 Report Timeline 3 Technical details 4 POC =============== 1 Introduction =============== One plugin configures multiple areas of your WordPress installation and allows the site Administrator...

7.4 AI score
Exploits 0
seebug.org
added 2015/11/18 12:0 a.m., 22 views

ZTE ZXHN H108N R1A arbitrary file read vulnerability

No description provided by source...

7.1 AI score
Exploits 0
seebug.org
added 2015/11/18 12:0 a.m., 14 views

Wireshark /wiretap/pcapng.c remote denial-of-service vulnerability

No description provided by source...

7.1 AI score
Exploits 0
Exploit DB
added 2015/11/16 12:0 a.m., 24 views

x64 Linux egghunter in 24 bytes

x64 Linux egghunter in 24 bytes. Shellcode exploit for linx86-64 platform / ;Title: x64 Linux egghunter in 24 bytes ;Author: David Velázquez a.k.a d4sh&r ;Contact: https://mx.linkedin.com/in/d4v1dvc ;Description: x64 Linux egghunter that looks for the string "h@ckh@ck" ; and then execute the...

7.4 AI score
Exploits 0
Exploit DB
added 2015/11/16 12:0 a.m., 22 views

foobar2000 1.3.9 - '.pls' / '.m3u' / '.m3u8' Local Crash (PoC)

Exploit Title: foobar2000 1.3.9 .pls; .m3u; .m3u8 Local Crash PoC Date: 11-15-2015 Exploit Author: Antonio Z. Vendor Homepage: http://www.foobar2000.org/ Software Link: http://www.foobar2000.org/getfile/036be51abc909653ad44d664f0ce3668/foobar2000v1.3.9.exe Version: 1.3.9 Tested on: Windows XP SP3...

7.4 AI score
Exploits 0
Packet Storm
added 2015/10/30 12:0 a.m., 17 views

PHP Server Monitor 3.1.1 Privilege Escalation

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-PRIV-ESCALATE.txt Vendor: ================================ www.phpservermonitor.org...

0.2 AI score
Exploits 0
exploitpack
added 2015/10/30 12:0 a.m., 22 views

Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution

Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution Exploit title: Hitron Router CGN3ACSMR - Remote Code Execution Author: Dolev Farhi dolevf at protonmail.ch Date: 29-10-2015 Vendor homepage: http://www.hitrontech.com/en/index.php Software version: 4.5.8.16 Hardware version: 1A Details:...

0.9 AI score
Exploits 0
seebug.org
added 2015/10/20 12:0 a.m., 35 views

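Tongda OA group edition, latest version: a blind SQL injection vulnerability, tested on the demo (login required)

Brief description: The latest group edition of the OA does not filter ', then the filtering function is bypassed; root privileges. Details: Vendor website: http://.../ Group demo address: .../ SQL vulnerability address: .../general/document/index.php/send/sendlist/sendfor/?tid=&title=1 The parameter title is injectable. This point surprisingly does not filter the single quote '. Exposing the SQL statement: Submit: .../general/document/index.php/send/sendlist/sendfor/?tid=&title=1%' and 1=2 union select Returns: 不安全的SQL语句:联合查询...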

7 AI score
Exploits 0
seebug.org
added 2015/10/15 12:0 a.m., 19 views

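iGENUS system: arbitrary file traversal at one location

Brief description: As per title. Details: When I first went to submit this I saw http://.../bugs/wooyun-2010-0136712 and thought it was a duplicate. Looking closely, it is not a duplicate. Likewise, Lang is subject to traversal, with %00 truncation http://...//sys/login.php?Lang=../../../../../../../../../../etc/passwd%00.jpeg&cmd=form Google search keyword: iGENUS-系统管理中心 ...:8090/sys/login.php?cmd=form Some cases http://...:8090/sys/login.php?cmd=form...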

7.1 AI score
Exploits 0