11967 matches found
Palo Alto Networks PAN-OS 7.0.x < 7.0.12 Multiple Vulnerabilities
The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.x prior to 7.0.12. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists when processing IPv6 traffic matching a predict session. An unauthenticated, remote attacker can exploi...
Linux User List Enumeration
Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote Linux host. TRUSTED...
Cisco Unified Communications Manager Administration Page Cross-Site Scripting Vulnerability
A vulnerability in the ccmadmin page of Cisco Unified Communications Manager CUCM could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting XSS attacks. The vulnerability is due to improper sanitization or encoding of user-supplied data by the ccmadmin page of an...
Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes)
/ ;author: Filippo "zinzloun" Bersani ;date: 05/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic 147precise1-Ubuntu 32bit ; Linux bb32 4.4.0-45-generic 32bit ; description: get a reverse shell executing a shell...
nwtdiscoveryportal.enr.gov.nt.ca XSS vulnerability
Vulnerable URL: http://nwtdiscoveryportal.enr.gov.nt.ca/geoportal/catalog/search/resource/review.page?uuid=%22-alert/OPENBUGBOUNTY/-%22 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...
Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes)
Linux/x86 - Netcat -e option disabled Reverse Shell Shellcode 180 bytes. Shellcode exploit for Linx86 platform / ;author: Filippo "zinzloun" Bersani ;date: 05/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic...
PDF Shaper Buffer Overflow Exploit
PDF Shaper is prone to a security vulnerability when processing PDF files. The vulnerability appears when we use Convert PDF to Image with a specially crafted PDF file. This Metasploit module has been tested successfully on Win XP, Win 7, Win 8, Win 10. This module requires Metasploit:...
Disk Savvy Enterprise 9.1.14 - GET Remote Buffer Overflow
Disk Savvy Enterprise 9.1.14 - GET Remote Buffer Overflow !/usr/bin/python import socket,os,time SEH Stack Overflow in GET request Disk Savvy Enterprise 9.1.14 Tested on Windows XP SP3 && Windows 7 Professional host = "192.168.1.20" port = 80 badchars \x00\x09\x0a\x0d\x20 msfvenom -a x86 --platfo...
printonline.fedex.com XSS vulnerability
Open Bug Bounty ID: OBB-195271 Description| Value ---|--- Affected Website:| printonline.fedex.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Disk Sorter Enterprise 9.1.12 - Login Remote Buffer Overflow
Disk Sorter Enterprise 9.1.12 - Login Remote Buffer Overflow !/usr/bin/python print "Disk Sorter Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT...
AndroidNative layer file parsing vulnerability mining guide-vulnerability warning-the black bar safety net
This article takes file parsing vulnerability discovery in Hand Q as an example to describe the process of finding file parsing vulnerabilities in the Android Native layer. Hand Q is a very large application in terms of functionality; if you use something similar to the MFFA framework to dig the file parsing...
Ubuntu 15.10 - 'USERNS ' Overlayfs Over Fuse Privilege Escalation
Source: http://www.halfdog.net/Security/2016/OverlayfsOverFusePrivilegeEscalation/ Introduction Problem description: On Ubuntu Wily it is possible to place a USERNS overlayfs mount over a fuse mount. The fuse filesystem may contain SUID binaries, but those cannot be used to gain privileges due t...
barunsoncard.com XSS vulnerability
Vulnerable URL: http://www.barunsoncard.com/event/event2016anniversary47listproc.asp?jsoncallback=prompt/OPENBUGBOUNTY/...
Microsoft Bolsters Ransomware Protection in Windows 10
Microsoft says it hardened its ransomware defenses in Windows 10 Anniversary Update in the face of skyrocketing infection rates and a doubling in the number of ransomware variants released into the wild over the past 12 months. In a whitepaper PDF released last week, Microsoft explained its latest...
Mail.ru: [qpt.mail.ru] CRLF Injection / Open Redirect
Vulnerable script: /tests/ Vulnerable parameter: qptquestionurl Open Redirect example:...
Paragon Initiative Enterprises: Not using Binary::safe* functions for substr/strlen function
Several places in the code don't use Binary::safe or CryptoUtil::safe functions, but use raw functions instead strlen/substr which can act as mbfuncname instead not count bytes for strlen/etc... 1...
Internet Bug Bounty: malloc negative size parameter
https://bugs.php.net/bug.php?id=73445 Thank you for your consideration...
Internet Bug Bounty: Heap overflow due to integer overflow in php_escape_html_entities_ex() function
The fix for this bug has been committed: https://bugs.php.net/bug.php?id=73398 Description: ------------ I have found some vulnerable code at php_escape_html_entities_ex function. php_escape_html_entities_ex function creates a new zend_string object to store html data. The size of destination string depen...
Internet Bug Bounty: iconv() function missing string length check
https://bugs.php.net/bug.php?id=73368...
dance.nyc XSS vulnerability
Vulnerable URL: https://www.dance.nyc/search/?dir=%3C/script%3E%3Cscript%3Ealert'OPENBUGBOUNTY';%3C/script%3E%3Cscript%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 759468 VIP...