250 matches found
GHSA-VW27-FWJF-5QXM Arbitrary command execution on Windows via qutebrowserurl: URL handler
Impact Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers it as a handler for certain URL schemes. With some applications such as Outlook Desktop, opening a specially crafted URL can lead to argument injection, allowing execution of qutebrowser commands, which in tu...
Ethernet place the JSON-RPC Interface to a variety of stolen currency technique big secret-vulnerability warning-the black bar safety net
In 2010, Laszlo the use of 10,000 bitcoin to buy a $ 25 pizza is considered bitcoin in the real world in the first transaction. In 2017, the block chain technology as the digital currency's price soared and standing on the air above. Who could have imagined that in 2010 that two pieces of pizza,...
Let's Encrypt Free SSL/TLS Certificate Now Trusted by Major Web Browsers
Yes, Let's Encrypt is now one step closer to its goal of offering Free HTTPS certificates to everyone. Let's Encrypt – the free, automated, and open certificate authority CA – has announced that its Free HTTPS certificates are Now Trusted and Supported by All Major Browsers. Let's Encrypt enables...
Pixie CMS 1.0 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-005 Application: Pixie CMS Versions Affected: 1.0 Vendor URL: http://www.getpixie.co.uk/ Bug: Multiple Local File Include Exploits: YES Reported: 29.08.2008 Vendor Response: 30.08.2008 Solution: NONE Date...
Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite Vuln
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-006 http://www.dsecrg.com/pages/vul/show.php?id=62 Application: Synactis AllINTHEBOX ActiveX Versions Affected: 3 Vendor URL: http://synactis.com Bugs: Null byte File overwriting Exploits: YES Reported:...
ezContents CMS 2.0.3 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-038 Application: ezContents CMS Versions Affected: 2.0.3 Application URL: http://www.ezcontents.org/ Vendor URL: http://www.visualshapers.com/ Bug: Multiple Local File Include Exploits: YES Reported:...
IBM BladeCenter Management Module - DoS vulnerability
No description provided by source. DSECRG-09-049 IBM BladeCenter Management Module - DoS vulnerability Source: http://www.dsecrg.com/pages/vul/show.php?id=149 This device can be remotely rebooted by sending a malformed TCP packets Digital Security Research Group DSecRG Advisory DSECRG-09-049...
OSSIM 2.1 - SQL Injection and xss
No description provided by source. OSSIM - Open Source Security Information Management is vulnerable to multiple security vulnerabilities. 1. SQL Injections 2. Linked XSS 3. Unauthorized access Digital Security Research Group DSecRG Advisory DSECRG-09-055 Application: OSSIM Versions Affected: 2.1...
PowerNews (Newsscript) 2.5.6 - Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution:...
Pluck CMS 4.5.2 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-037 Application: Pluck CMS Versions Affected: 4.5.2 Vendor URL: http://www.pluck-cms.org/ Bug: Multiple Local File Include Exploits: YES Reported: 28.07.2008 Vendor Response: 03.08.2008 Solution: YES Date...
blogcms 4.2.1b (sql/xss) Multiple Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-003 Application: Blogcms Versions Affected: Blogcms 4.2.1b Vendor URL: http://blogcms.com/ Bugs: SQL Injestions, SiXSS, XSS Exploits: YES Reported: 15.01.2008 Vendor response: 16.01.2008 Date of Public...
Open Azimyt CMS <= 0.22 (lang) Local File Inclusion Vulnerability
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-026 Application: Open Azimyt CMS Versions Affected: 0.22 minimal, 0.21 stable Vendor URL: http://azimyt.net/ Bug: Local File Include Exploits: YES Reported: 07.06.2008 Vendor Response: 08.06.2008 Solution...
RunCMS 1.6 - Remote Blind SQL Injection Exploit (IDS evasion)
No description provided by source. // / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / // / exploit get hash of admin password / / / / Exploit is invisible for / / RUNCMS sql injection detecting mechanism / // // / tested on RUNCMS english version 1.6 / // // / Date of Public EXPLOIT:...
IBM Bladecenter Management - Multiple web application vulnerabilities
No description provided by source. DSECRG-09-054 IBM Bladecenter Management - Multiple vulnerabilities The BladeCenter management module is prone to multiple security vulnerabilities: Unauthorized Access, Directory Listing, XSS Digital Security Research Group DSecRG Advisory DSECRG-09-054...
Safari 4.0.5 - parent.close() Memory Corruption exploit (ASLR and DEP bypass)
No description provided by source. Download: http://www.exploit-db.com/sploits/safariparentclosesintsov.zip Unzip and run START.htm This exploit use JIT-SPRAY for DEP and ASLR bypass. jit-shellcode: systemnotepad 0day.html - use 0x09090101 address for CALL JITed shellcode. START.htm - iff.htm -...
Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow
No description provided by source. Source: http://packetstormsecurity.org/files/view/97871/DSECRG-11-006.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Document Capture Versions Affected:...
Oracle Document Capture Actbar2.ocx Insecure Method
No description provided by source. Source: http://packetstormsecurity.org/files/view/97866/DSECRG-11-004.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-00153 Application: Oracle Document Capture Versions Affected: Release 10gR3 Vendor URL:...
Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF
No description provided by source. Exploit Title: Alteon OS BBI Nortell - Multiple Vulnerabilities Date: 16 Nov 09 Author: Sintsov Alexey Software Link: downoad link if available Version: = 21.0.8.3 and may be higher =25.1.0.0 Tested on: relevant os Code : exploit code From: DSecRG research dsecr...
Safari JS JITed shellcode - exec calc (ASLR/DEP bypass)
No description provided by source. !-- JIT-SPRAY for Safari 4.0.5 - 5.0.0 JavaScript JIT SHELLCODE and spray for ASLR / DEP bypass Win x32 By Alexey Sintsov from Digital Security Research Group Special for Hack In The Box 2010 Amsterdam PAYLOAD - exec calc Tested on Windows7 and Windows XP. Sorry...
IceWarp Mail Server 11.0.0.0 - Cross-Site Scripting
Disclaimer: This code is for Educational Purposes , I would Not be responsible for any misuse of this code Attack type : Remote Patch Status : Unpatched Exploitation : Author: Usman Saeed Company: Xc0re Security Research Group Website: http://www.xc0re.net Twitter : http://twitter.com/emuess...