11967 matches found
BugPoC: DOM based Cross-site Scripting
Summary: The postMessage API is an alternative to JSONP, XHR with CORS headers and other methods enabling sending data between origins. It was introduced with HTML5 and like many other cross-document features it can be a source of client-side vulnerabilities. Steps To Reproduce: Visit -...
MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle
Posted by Mateusz Jurczyk, Project Zero This post is the fourth of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published ...
Car Rental Management System 1.0 Remote Code Execution
Exploit Title: Car Rental Management System v1.0 - Unauthenticated RCE Exploit Author: Adeeb Shah @hyd3sec Shout out: Bobby Cooke boku Date: August 3, 2020 Vendor Homepage: https://projectworlds.in Software Link:...
DSA-4740-1 thunderbird - security update
Bulletin has no description...
myjobspace.co.nz Cross Site Scripting vulnerability OBB-1243397
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
thegioiaothundep.com Cross Site Scripting vulnerability OBB-1243286
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Code Injection in mahdaen/node-import
Overview: node-import is a package that imports dependencies and either runs them directly or concatenates them and exports the result to a file. This package is vulnerable to Arbitrary Code Execution. The params argument of the module function can be controlled by users without any sanitization. This is then provided to...
Microsoft Windows Unsafe Handling Practices Vulnerability
This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation. This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed...
F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...
Weblate: Open Github Repo Leaking WEBLATE SECRET KEY
Team, While going through Github search I discovered a public repository which contains Weblate Secret Key Issue & Poc: Repo: https://github.com/WeblateOrg File:https://github.com/WeblateOrg/weblate/blob/592472958f7b847701c51b36f4768b9784219fa1/weblate/settingsdocker.py SECRETKEY = os.environ.get...
DJI drone app can transfer sensitive data and install malicious apps
By Deeba Ahmed. DJI drone app called "DJI GO4" can have full control of the users' devices...
OSV-2020-1011 Heap-buffer-overflow in ndpi_search_mail_smtp_tcp
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18731 Crash type: Heap-buffer-overflow READ 4 Crash state: ndpi_search_mail_smtp_tcp check_ndpi_tcp_flow_func ndpi_detection_process_packet...
sklekaren.sk Cross Site Scripting vulnerability OBB-1234527
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Important Announcement
ATTENTION: Your vulnerability tests are out of maintenance and not updated since July 1st 2020. Your setup of Greenbone Source Edition will not report about any new threats in your scanned environment since this date! REASON: Your Greenbone setup is connected to a discontinued download protocol o...
NewStart CGSL MAIN 6.01 : python3 Multiple Vulnerabilities (NS-SA-2020-0030)
The remote NewStart CGSL host, running version MAIN 6.01, has python3 packages installed that are affected by multiple vulnerabilities: - http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into...
fcn-usa.org Improper Access Control vulnerability OBB-1232729
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
awards.theingots.org Cross Site Scripting vulnerability OBB-1226505
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
About the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra
This document describes the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. About Apple security updates F...
CVE-2019-15887
...
Small CRM 2.0 SQL Injection
Exploit Title: Small CRM in PHP - 'id' SQL Injection Date: 2020-07-05 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/small-crm-php/ Software Link:...