11967 matches found
CVE-2016-4619
...
moorings.co.uk XSS vulnerability
Vulnerable URL:...
OpenSSHD 7.2p2 User Enumeration
!/usr/bin/python CVEs: CVE-2016-6210 Credits for this go to Eddie Harari Author: 0o -- nullnull nu11.nu11 at yahoo.com Oh, and it is n-u-one-one.n-u-one-one, no l's... Wonder how the guys at packet storm could get this wrong : Date: 2016-07-19 Purpose: User name enumeration against SSH daemons...
Form Lightbox - Arbitrary Option Update Leading to Admin Account
This is a plugin that is no longer in the WordPress repository, however, is still in use on some sites. With this vulnerability an attacker can update any option in the WordPress database. This includes gaining an admin access. Using the file ajax.php that contains the following line: updateoptio...
esquareworld.com XSS vulnerability
Vulnerable URL: http://www.esquareworld.com/login.php?msg=...
Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes
Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes. Shellcode exploit for linx86-64 platform include include // Exploit Title: Continuously-Probing Reverse Shell via Socket + port-range + password 172 bytes // Date: 07/10/2016 // Exploit Author: CripSli...
Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP5 Multiple Vulnerabilities (SYM16-010)
The version of Symantec Endpoint Protection Client installed on the remote host is 12.1 prior to 12.1 RU6 MP5. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the UnRAR component in the Unpack::ShortLZ function in unpack15.cpp that is triggered when...
Symantec AntiVirus - Heap Overflow Modifying MIME Messages
Symantec AntiVirus - Heap Overflow Modifying MIME Messages Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=818 Symantec attempts to clean or remove components from archives or other multipart containers that they detect as malicious. The code that they use to remove components...
stember.com XSS vulnerability
Vulnerable URL: http://www.stember.com/default.php?page="=1993-1992 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 22458805 VIP website status:| No Check stember.com SSL connection...
Heap-buffer-overflow in archive_le16dec
Project: https://github.com/libarchive/libarchive.git...
Elastic Kibana/X-Pack Detection (HTTP)
HTTP based detection of Elastic Kibana and X-Pack. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Airia - Cross-Site Request Forgery (Add Content)
Airia - Cross-Site Request Forgery Add Content document.forms.csrfpoc.submit;...
Libarchive Rar RestartModel Code Execution Vulnerability
SUMMARY An exploitable heap overflow vulnerability exists in the Rar decompression functionality of libarchive. A specially crafted Rar file can cause a heap corruption eventually leading to code execution. An attacker can send a malformed file to trigger this vulnerability. TESTED VERSIONS...
Nextcloud: Business/Functional logic bypass: Remove admins from admin group.
In nextcloud the default admin can not be removed from his admin group. The group toggle request looks like this: POST /nextcloud/index.php/settings/ajax/togglegroups.php HTTP/1.1 Host: 139.59.9.184 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.11; rv:47.0 Gecko/20100101 Firefox/47.0 Accep...
Struts2 S033 with the latest S037 detailed analysis-vulnerability warning-the black bar safety net
Just after children's Day back found that struts2 shows the S033, so put down the hands of the Lollipop quickly analyze. ! 0x01 vulnerability review First recall S033 According to the official description ! Obviously there are two key points: the first is the REST Plugin,the other is Dynamic Meth...
SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9
Stored XSS and SQL Injection in SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9 possibly below resolution: update to version 2.8.10 update notice: https://securitycheck.protegetuordenador.com/index.php/downloads/securitycheck-j3x...
Targeted Attacks against Banks in the Middle East
Introduction In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our...
CJExploiter - Drag and Drop ClickJacking Exploit Development Assistance Tool
CJExploiter is drag and drop ClickJacking exploit development assistance tool. First open the "index.html" with your browser locally and enter target URL and click on "View Site". You can dynamically create your own inputs. Finally by click the "Exploit It" you can see the P0C. Summery...
In-depth understanding of cross-site WebSocket hijacking vulnerability principle and prevention-vulnerability and early warning-the black bar safety net
Preamble WebSocket as the HTML5 new features, one of extra to attract the developer's attention, because it appears that the client mainly refers to the browser provided on the Socket support as possible, so in between the client and server provides a based on a single TCP connection is a...
SOL71059632 - PHP vulnerability CVE-2015-8616
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...