Wikipedia Search Engine 1.0 Cross Site Scripting

Exploit Title: Wikipedia Search Engine PHP - xss Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/niagawebster Software Buy: https://www.codester.com/items/5328/wikipedia-search-engine-php Demo:...

Chatting System PHP Ajax MySQL JavaScript 1.0 Cross Site Scripting

Exploit Title: Chatting System PHP Ajax MySQL JavaScript - xss Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...

Shopify: Ability to bypass partner email confirmation to take over any store given an employee email

I told Pete I would take a look at Spotify, hi Pete. Summary It's possible to take over any store account through partners given an employee email address. This is possible because I found a way to confirm arbitrary emails. I don't know the Shopify ecosystem well enough to know the other...

vostok.ru XSS vulnerability

Open Bug Bounty ID: OBB-457403 Description| Value ---|--- Affected Website:| vostok.ru Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

SUSE-SU-2017:3410-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.103 to receive various security and bugfixes. This update enables SMB encryption in the CIFS support in the Linux Kernel fate324404 The following security bugs were fixed: - CVE-2017-1000410: The Linux kernel was affected by an informatio...

acumatica.com XSS vulnerability

Open Bug Bounty ID: OBB-456833 Description| Value ---|--- Affected Website:| acumatica.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...

Outlook for Android - Attachment Download Directory Traversal

''' There is a directory traversal issue in attachment downloads in Outlook for Android. There is no path sanitization on the attachment filename in the app. If the email account is a Hotmail account, this will be sanitized by the server, but for other accounts it will not be. This allows a file ...

CVE-2017-17522

Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...

Semrush: Reflected XSS using Header Injection

Host : www.semrush.com Path : /billing-admin/profile/subscription/?l=de Payload : c5obc'+alert1+'p7yd5 Steps to reproduce : Request Header : GET /billing-admin/profile/subscription/?l=de HTTP/1.1 Host: www.semrush.com Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0;...

Apple macOS - necp_get_socket_attributes so_pcb Type Confusion

Apple macOS - necpgetsocketattributes sopcb Type Confusion / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1392&desc=2 When getsockopt edited; original report said "setsockopt" is called on any socket with level SOLSOCKET and optname SONECPATTRIBUTES, necpgetsocketattributes i...

Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash Exploit

Exploit for multiple platform in category dos / poc Summary Name: CIP Safety dissector crash Docid: wnpa-sec-2017-49 Date: November 30, 2017 Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10 Fixed versions: 2.4.3, 2.2.11 References: Wireshark bug 14250 Details Description The CIP Safety dissecto...

alee.counselorrealty.com XSS vulnerability

Open Bug Bounty ID: OBB-448198 Description| Value ---|--- Affected Website:| alee.counselorrealty.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

openSUSE Security Update : tomcat (openSUSE-2017-1299)

This update for tomcat fixes the following issues : Security issues fixed : - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. bsc1042910. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache...

bookshop.unsw.edu.au XSS vulnerability

Open Bug Bounty ID: OBB-429761 Description| Value ---|--- Affected Website:| bookshop.unsw.edu.au Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

unrar/unrar_fuzzer: Use-of-uninitialized-value in IsRelativeSymlinkSafe

Project: https://github.com/aawc/unrar.git Detailed report: https://oss-fuzz.com/testcase?key=5604229642190848 Project: unrar Fuzzer: libFuzzerunrarfuzzer Fuzz target binary: unrarfuzzer Job Type: libfuzzermsanunrar Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

Microsoft Edge: Memory corruption with Object.setPrototypeOf(CVE-2017-8751)

I accidentally found this while trying to reproduce another bug in Edge. Failed to reproduce on Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393. Tested on Microsoft Edge 40.15063.0.0, Microsoft EdgeHTML 15.15063 Insider Preview. Crash Log: First chance exceptions are reported before a...

IKARUS anti.virus 2.16.7 - 'ntguard_x64' Local Privilege Escalation

/ Exploit Title - IKARUS anti.virus Arbitrary Write Privilege Escalation Date - 13th November 2017 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - https://www.ikarussecurity.com/ Tested Version - 2.16.7 Driver Version - 0.18780.0.0 - ntguardx64.sys Tested on OS - 64bit Windows 7 and...

DEBIAN-CVE-2017-1000382

VIM version 8.0.1187 and other versions most likely ignores umask when creating a swap file "ORIGINALFILENAME.swp" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary...

gdal/cad_fuzzer: Crash in _int_malloc

Detailed report: https://oss-fuzz.com/testcase?key=5401392446439424 Project: gdal Fuzzer: libFuzzergdalcadfuzzer Fuzz target binary: cadfuzzer Job Type: libfuzzerubsangdal Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x7f9803eeb880 Crash State: intmalloc std::1::basicfilebuf ::setbu...

wireshark/fuzzshark_ip_proto-udp: Heap-buffer-overflow in get_t61_string

Detailed report: https://oss-fuzz.com/testcase?key=5410211289366528 Project: wireshark Fuzzer: libFuzzerwiresharkfuzzsharkipproto-udp Fuzz target binary: fuzzsharkipproto-udp Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x619000790d80...