inoERP 4.15 SQL Injection

Exploit Title: inoERP 4.15 - 'download' SQL Injection Date: 2019-09-13 Exploit Author: Semen Alexandrovich Lyhin Vendor Homepage: http://inoideas.org/ Version: 4.15 CVE: N/A A malicious query can be sent in base64 encoding to unserialize function. It can be deserialized as an array without any...

Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure Exploit

!/usr/bin/perl -w Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure Copyright 2019 c Todor Donev Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure ============================================================= Exploit Author: Todor Donev 2019 Disclaimer: This or previous...

libhevc:hevc_dec_fuzzer: Stack-use-after-return in ihevcd_process_thread

Project: https://android.googlesource.com/platform/external/libhevc Detailed Report: https://oss-fuzz.com/testcase?key=5176835272343552 Project: libhevc Fuzzing Engine: libFuzzer Fuzz Target: hevcdecfuzzer Job Type: libfuzzerasani386libhevc Platform Id: linux Crash Type: Stack-use-after-return RE...

ir.thehrjob.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-977924 Security Researcher 0xrocky Helped patch 1796 vulnerabilities Received 7 Coordinated Disclosure badges Received 5 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting ir.thehrjob.com website and...

Clones of popular Ad blockers caught ad frauding millions of Chrome users

By Waqas If you are using these two Ad Blockers we suggest removing from your browser right now or be home to extensive ongoing ad fraud. This is a post from HackRead.com Read the original post: Clones of popular Ad blockers caught ad frauding millions of Chrome users...

bd.thesciencejob.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-973199 Security Researcher garletmarco Helped patch 1540 vulnerabilities Received 4 Coordinated Disclosure badges , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting bd.thesciencejob.com website and its users. Followi...

docentes.sesisenaipr.org.br Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-969286 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Are IoT Threats Discussed In The Cybercriminal Underground?

With IoT devices expected to reach tens of billions in the next few years, is it any wonder that cybercriminals are looking for ways to take advantage of this massive attack surface to generate illicit money? A number of Trend Micro researchers from around the globe decided to look into this and...

apertura.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-959150 Security Researcher geeknik Helped patch 8834 vulnerabilities Received 8 Coordinated Disclosure badges Received 21 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting apertura.com website and it...

Exploit for Use After Free in Microsoft

CVE-2019-0708 CVE-2019-0708 using Metasploit-Framework...

Rockwell Automation/Allen-Bradley PanelView 5510 2715P-T7WD 7-in. Touch HMI Terminal

Binary data 765026.prm...

druki-formularze.pl Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-956678 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting druki-formularze.pl website...

cad.rocktwp.net Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-955364 Security Researcher Gh05tPT Helped patch 6884 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting cad.rocktwp.net website a...

capecoralcharter.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-955363 Security Researcher Gh05tPT Helped patch 6884 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting capecoralcharter.org...

ChaosPro 2.0 - SEH Buffer Overflow

ChaosPro 2.0 - SEH Buffer Overflow !C:\Python27\python.exe Title : ChaosPro 2.0 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html this needs to be a backwards jump to give us room to call stack jump code jmpback80 =...

bcsa.bleckley.k12.ga.us Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-953821 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

CVE-2017-18339

...

Sentrifugo 3.2 Cross Site Scripting

Exploit Title: Sentrifugo 3.2 - Persistent Cross-Site Scripting Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15814 Multiple Stored XSS vulnerabilities were found in Sentrifugo 3.2. In most...

QEMU Denial Of Service

include include include include include include include include include include include include include include include include include define diex do \ perrorx; \ exitEXITFAILURE; \ while0; // Constans define SRCADDR "10.0.2.15" define DSTADDR "10.0.2.2" define INTERFACE "ens3" define ETHHDRLEN ...

CVE-2019-14777

The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free...