11967 matches found
CVE-2017-11543
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c...
Unikrn: Flash CSRF: Update Ad Frequency %: [cp-ng.pinion.gg]
Description: ----------- Attacker can update the user's Ad Frequency % using flash + 307 redirect trick by making post request to particular endpoint. Step To Reproduce: ----------- + Get logged at: https://cp-ng.pinion.gg + Visit: http://geekboy.ninja/poc/freq.swf + Ad Frequency should be update...
ManageEngine Firewall Analyzer Detection (HTTP)
HTTP based detection of ManageEngine Firewall Analyzer. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Orangescrum 1.6.1 - Multiple Vulnerabilities
Exploit Title: Orangescrum 1.6.1 Multiple Vulnerabilities Google Dork: NA Date: July 9 2017 Exploit Author: [email protected] Author blog : cupuzone.wordpress.com Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/free-download Version: 1.6.1 Tested on:...
RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting
Exploit Title: RaidenHTTPD 2.0.44 - User-Agent - HTML Injection & Cross-site scripting Exploit Author: sultan albalawi :@bofheaded :https://hackinguyz.blogspot.com/ exploit User-Agent HTTP header : For remote testing use http-live -There is no need to use the script alertdocument.cookiewxo3i...
Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal Vulnerability
Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server. Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal Vendor: Schneider Electric SE...
sammler.com XSS vulnerability
Vulnerable URL: http://www.sammler.com/coins/valuablecoinsatebay.asp?land=Europe=1"...
Fedora 25 : libmtp (2017-4c57da6642)
libmtp 1.1.13 ============= Christophe Vu-Brugier 1 : - added GoPro HERO5 Black Emeric Grange 2 : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope 2 : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang 1 : - Update Google device strings, add PTP+ADB id Marcu...
shop.bcs.org XSS vulnerability
Vulnerable URL: http://shop.bcs.org/display.asp?contrast=2size=3=9781780172774=1"...
scgames.bauer.uh.edu XSS vulnerability
Vulnerable URL: http://scgames.bauer.uh.edu/scmorderplot.asp?game=1"...
JasPer pointer undefined vulnerability analysis-vulnerability warning-the black bar safety net
0x01: introduction JasPer project is an open source project, it provides a method based on the JPEG-2000 part of the standard. This project was originally developed by Image Power and University of British Columbia collaboration. Currently, the ongoing JasPer software maintenance and developmen...
Invalid token creation and validation
More info at https://simplesamlphp.org/security/201708-01...
Article on the DAO Ethereum Hack
This is good...
PayPal Inc BB #149 - (Gift) Insufficient Authentication
Document Title: =============== PayPal Inc BB 149 - Gift Insufficient Authentication References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1973 ID EIBBP-34368 Release Date: ============= 2017-06-20 Vulnerability Laboratory ID VL-ID:...
Database of Over 198 Million U.S. Voters Left Exposed On Unsecured Server
Information on more than 198 Million United States citizens, that's over 60% of the US population, was exposed in what's believed to be the largest ever known exposure of voter-related to date. This blunder was caused by Deep Root Analytics DRA, a data analytics firm employed by the US Republican...
Yelp: Firefly's verify_access_token() function does a byte-by-byte comparison of HMAC values.
Dear Yelp bug bounty team, Summary --- Firefly is vulnerable to timing attacks, because the verify_access_token() function performs a byte-by-byte comparison, which terminates early when two characters do not match. Timing attacks are a type of side channel attack where one can discover valuable...
On Microsoft's XP Patches, Hidden Cobra, MacRansom, and More
Mike Mimoso and Chris Brook discuss the news of the week, including Microsoft’s XP patches, Hidden Cobra, a Nigerian BEC campaign, MacRansom, and more. Download: ThreatpostNewsWrapJune162017.mp3 Music by Chris Gonslaves...
catalog.trimblelibrary.org XSS vulnerability
Vulnerable URL: http://catalog.trimblelibrary.org/TLCScripts/interpac.dll?SearchForm=1=pac=,0,%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Autofocus%20/;%20Onfocus=alert'OPENBUGBOUNTY'//%3E%3CSvg%3E= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:|...
Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes)
;Title: Linux/x86 - 66 byte - execve(/bin/sh) - setuid(0) - setgid(0) - XOR encrypted ;Author: nullparasite ;Contact: email protected ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode, first set uid and gid to zero then call shell using execve. Also, /bin/sh defined as a XOR...
Hashcat v3.6.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...